diff --git a/CHANGELOG.md b/CHANGELOG.md
index bd795cda..4e70c264 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,6 +3,9 @@
 All notable changes to the Zlux Server Framework package will be documented in this file. This repo is part of the app-server Zowe Component, and the change logs here may appear on Zowe.org in that section.
+## 1.17.0
+- Enhancement: Verbose logging of certificate and CA certificate details when logLevel=3 (FINE)
+
 ## 1.16.0
 - [D] Feature: Expose GET /server/environment endpoint with minimal data when RBAC is off, to share only environment details that are required to do dependency checks and more accurate server-to-server communication (#237)
diff --git a/lib/webserver.js b/lib/webserver.js
index 037bf999..593bb60f 100644
--- a/lib/webserver.js
+++ b/lib/webserver.js
@@ -175,6 +175,7 @@ function loadPem(locations, type, keyrings) {
 function readTlsOptionsFromConfig(config, httpsOptions) {
 //in case keys and certs can be read from the same keyring, store them here for later retrieval
 let keyrings = {};
+ let forge = require('node-forge');
 if (config.https.pfx) {
 try {
 httpsOptions.pfx = fs.readFileSync(config.https.pfx);
@@ -188,6 +189,17 @@ function readTlsOptionsFromConfig(config, httpsOptions) {
 } else {
 if (config.https.certificates) {
 httpsOptions.cert = loadPem(config.https.certificates, CRYPTO_CONTENT_CERT, keyrings).content;
+ for(let i = 0; i < httpsOptions.cert.length; i++){
+ let curCert = forge.pki.certificateFromPem(httpsOptions.cert[i]);
+ let certData = {
+ signature: curCert.signature,
+ validity: curCert.validity,
+ issuer: curCert.issuer,
+ extensions: curCert.extensions,
+ publicKey: curCert.publicKey,
+ }
+ networkLogger.debug(`ZWED0072I`, JSON.stringify(certData, null, 2));
+ }
 bootstrapLogger.info('ZWED0072I', config.https.certificates); //bootstrapLogger.info('Using Certificate: ' + config.https.certificates);
 }
 if (config.https.keys) {
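Review bot: `let forge = require('node-forge');` is placed inside readTlsOptionsFromConfig, so the module is loaded during TLS setup even when debug logging is off, and it is the only consumer of that package visible here. I would hoist it to the file's top-level requires as `const forge = require('node-forge');`. This diff touches only CHANGELOG.md and lib/webserver.js, so it is worth confirming that node-forge is a declared dependency in package.json rather than something that is only present transitively. The function body continues outside this hunk.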
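Review bot: `forge.pki.certificateFromPem(httpsOptions.cert[i])` runs unguarded on the TLS setup path, so a certificate that forge cannot parse would throw here and stop HTTPS from being configured, although the result is only used for a debug message. As far as I know forge's X.509 parser rejects non-RSA public keys, and what loadPem returns for keyring-backed entries is not visible in this hunk, so this may affect certificates that Node itself accepts. I would wrap the parse and the log call in a try/catch that reports the failure at debug level and continues; the CA loop in the `@@ -196,6 +208,17 @@` hunk needs the same guard. The enclosing function starts and ends outside the hunk.

```javascript
for(let i = 0; i < httpsOptions.cert.length; i++){
  try {
    let curCert = forge.pki.certificateFromPem(httpsOptions.cert[i]);
    // … unchanged: certData built from curCert and logged with networkLogger.debug …
  } catch (e) {
    // Diagnostic only: a certificate forge cannot parse must not abort TLS setup.
    networkLogger.debug('Could not parse certificate for verbose logging: ' + e.message);
  }
}
```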
@@ -196,6 +208,17 @@ function readTlsOptionsFromConfig(config, httpsOptions) {
 }
 if (config.https.certificateAuthorities) {
 httpsOptions.ca = loadPem(config.https.certificateAuthorities, CRYPTO_CONTENT_CA, keyrings).content;
+ for(let i = 0; i < httpsOptions.ca.length; i++){
+ let curCert = forge.pki.certificateFromPem(httpsOptions.ca[i]);
+ let certData = {
+ signature: curCert.signature,
+ validity: curCert.validity,
+ issuer: curCert.issuer,
+ extensions: curCert.extensions,
+ publicKey: curCert.publicKey,
+ }
+ networkLogger.debug(`ZWED0072I`, JSON.stringify(certData, null, 2));
+ }
 }
 if (config.https.certificateAuthorities) {
 httpsOptions.crl = loadPem(config.https.certificateRevocationLists, CRYPTO_CONTENT_CRL, keyrings).content;
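Review bot: The CA details are logged under `ZWED0072I`, the same ID the certificates branch uses for what its commented-out text calls "Using Certificate", and `certData` carries no `subject`, so a reader of the log cannot tell a CA entry from the server certificate or identify which CA it is. I would add `subject: curCert.subject,` to `certData` and log the CA dump under its own message ID (placeholder `<NEW_CA_MESSAGE_ID>`), assuming the logger resolves the first argument as a message key, which is not visible here. `signature` and `publicKey` are forge objects or binary strings, so `JSON.stringify` will likely emit large, hard-to-read output for them; validity, issuer, subject and extensions are probably what an operator needs at this level.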