Possible improvements: 1. Provide a way for the user to verify that the server is configured correctly, e.g. by providing a link to the ssllabs.com (or similar) analysis of the server. 2. Provide an indication of which non-default trust flags have been set on the relevant certificates (to identify the case where the user has untrusted a root CA in our program for whatever reason.) 3. Provide a way to save the certificate chain as a file that can be attached to a bugzilla bug report.
This is more of a front-end issue (and note that we implemented #3 - for overridable errors, if the user clicks the error code (in the advanced pane), the certificate chain is displayed as PEM).