tls: show human-readable error messages

Before this commit, verification exceptions had err.message set to the
OpenSSL error code (e.g. 'UNABLE_TO_VERIFY_LEAF_SIGNATURE').

This commit moves the error code to err.code and replaces err.message
with a human-readable error.  Example:

    // before
    {
      message: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE'
    }

    // after
    {
      code: 'UNABLE_TO_VERIFY_LEAF_SIGNATURE',
      message: 'unable to verify the first certificate'
    }

UNABLE_TO_VERIFY_LEAF_SIGNATURE is a good example of why you want this:
the error code suggests that it's the last certificate that fails to
validate while it's actually the first certificate in the chain.

Going by the number of mailing list posts and StackOverflow questions,
it's a source of confusion to many people.

1 files changed, 1 insertions, 1 deletions

diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown
index a0fbe9a123..ceb1304a7a 100644
--- a/doc/api/tls.markdown
+++ b/doc/api/tls.markdown
@@ -294,7 +294,7 @@ Creates a new client connection to the given `port` and `host` (old API) or
 
   - `rejectUnauthorized`: If `true`, the server certificate is verified against
     the list of supplied CAs. An `'error'` event is emitted if verification
-    fails. Default: `true`.
+    fails; `err.code` contains the OpenSSL error code. Default: `true`.
 
   - `NPNProtocols`: An array of strings or `Buffer`s containing supported NPN
     protocols. `Buffer`s should have following format: `0x05hello0x05world`,