diff --git a/sgfw/socks_server_chain.go b/sgfw/socks_server_chain.go
index 05ba9d5..990d7be 100644
--- a/sgfw/socks_server_chain.go
+++ b/sgfw/socks_server_chain.go
@@ -410,15 +410,19 @@ func (c *socksChainSession) forwardTraffic(tls bool) {
         	}
 
 		if err != nil {
+			x509ValidationError := STR_REDACTED
+			if !FirewallConfig.LogRedact {
+				x509ValidationError = err.Error()
+			}
 			if c.pinfo.Sandbox != "" {
-				log.Errorf("TLSGuard violation: Dropping traffic from %s (sandbox: %s) to %s: %v", c.pinfo.ExePath, c.pinfo.Sandbox, dest, err)
+				log.Errorf("TLSGuard violation: Dropping traffic from %s (sandbox: %s) to %s: %s", c.pinfo.ExePath, c.pinfo.Sandbox, dest, x509ValidationError)
 			} else {
-				log.Errorf("TLSGuard violation: Dropping traffic from %s (unsandboxed) to %s: %v", c.pinfo.ExePath, dest, err)
+				log.Errorf("TLSGuard violation: Dropping traffic from %s (unsandboxed) to %s: %s", c.pinfo.ExePath, dest, x509ValidationError)
 			}
 			return
-		} else {
+		} /*else {
 			log.Notice("TLSGuard approved certificate presented for connection to: ", dest)
-		}
+		} */
 	}
 
 	var wg sync.WaitGroup