diff --git a/.vscode/settings.json b/.vscode/settings.json
index 187dfff..aaf717d 100644
--- a/.vscode/settings.json
+++ b/.vscode/settings.json
@@ -13,6 +13,7 @@
         "slider-frame.h": "c",
         "aime-dll.h": "c",
         "sg-reader.h": "c",
-        "reg.h": "c"
+        "reg.h": "c",
+        "type_traits": "c"
     }
 }
\ No newline at end of file
diff --git a/hooklib/dns.c b/hooklib/dns.c
index d3a9660..6c43806 100644
--- a/hooklib/dns.c
+++ b/hooklib/dns.c
@@ -511,7 +511,7 @@ static WINHTTPAPI BOOL hook_WinHttpCrackUrl(
         return true;
     }
 
-    dprintf("DNS: crack URL %S\n", lpUrlComponents->lpszHostName);
+    //dprintf("DNS: crack URL %S\n", lpUrlComponents->lpszHostName);
     
     EnterCriticalSection(&dns_hook_lock);
 
@@ -526,7 +526,7 @@ static WINHTTPAPI BOOL hook_WinHttpCrackUrl(
             } else {
                 wcscat_s(bfr, _countof(bfr), pos->to);
                 wcscat_s(bfr, _countof(bfr), path);
-                dprintf("DNS: Replaced cracked url %S (%d) -> %S\n", lpUrlComponents->lpszHostName, (int)lpUrlComponents->dwHostNameLength, bfr);
+                dprintf("DNS: Replaced url -> %S\n", bfr);
                 lpUrlComponents->lpszHostName = bfr;
                 lpUrlComponents->dwHostNameLength = wcslen(pos->to);
             }
diff --git a/hooklib/path.c b/hooklib/path.c
index 46b2c54..af6f466 100644
--- a/hooklib/path.c
+++ b/hooklib/path.c
@@ -345,15 +345,16 @@ static void path_hook_init(void)
     InitializeCriticalSection(&path_hook_lock);
 
     path_hook_insert_hooks(NULL);
+    
+    proc_addr_table_push(
+        NULL, 
+        "KERNEL32.DLL", 
+        path_hook_syms, 
+        _countof(path_hook_syms));
 }
 
 void path_hook_insert_hooks(HMODULE target)
 {
-    proc_addr_table_push(
-        target, 
-        "kernel32.dll", 
-        path_hook_syms, 
-        _countof(path_hook_syms));
     hook_table_apply(
             target,
             "kernel32.dll",
diff --git a/meson.build b/meson.build
index 6652d8d..afe6753 100644
--- a/meson.build
+++ b/meson.build
@@ -40,6 +40,7 @@ dinput8_lib = cc.find_library('dinput8')
 dxguid_lib = cc.find_library('dxguid')
 xinput_lib = cc.find_library('xinput')
 crypt_lib = cc.find_library('crypt32')
+winhttp_lib = cc.find_library('winhttp')
 
 inc = include_directories('.')
 capnhook = subproject('capnhook')
diff --git a/platform/cert.c b/platform/cert.c
index e704f3f..2fee714 100644
--- a/platform/cert.c
+++ b/platform/cert.c
@@ -65,6 +65,8 @@ WINHTTPAPI BOOL (*next_WinHttpSetOption)(
     DWORD     dwBufferLength
 );
 
+void ca_error_cb(HINTERNET hInternet, DWORD_PTR dwContext, DWORD dwInternetStatus, LPVOID lpvStatusInformation, DWORD dwStatusInformationLength);
+
 static const struct hook_symbol cert_syms[] = {
     {
         .name   = "CertFindCertificateInStore",
@@ -150,7 +152,7 @@ PCCERT_CONTEXT WINAPI hook_CertFindCertificateInStore(
         wcscat_s(cert_path, _countof(cert_path), (wchar_t *)pvFindPara); // use the search string as a name
         wcscat_s(cert_path, _countof(cert_path), L".cer");
 
-        dprintf("Cert: Look for override cert at %S\n", cert_path);
+        // dprintf("Cert: Look for override cert at %S\n", cert_path);
 
         HANDLE f = CreateFileW((LPCWSTR)cert_path, GENERIC_READ, FILE_SHARE_READ, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL);
 
@@ -239,7 +241,6 @@ WINHTTPAPI BOOL hook_WinHttpSetOption(
     DWORD     dwBufferLength
 )
 {
-    dprintf("Cert: hook_WinHttpSetOption %p %08X\n", hInternet, (int)dwOption);
     if (dwOption == WINHTTP_OPTION_CLIENT_CERT_CONTEXT) {
         // This is U G L Y and will fail on servers that actually check the client cert.
         dprintf("Cert: Block WINHTTP_OPTION_CLIENT_CERT_CONTEXT\n");
@@ -248,8 +249,20 @@ WINHTTPAPI BOOL hook_WinHttpSetOption(
     else if (dwOption == WINHTTP_OPTION_SECURITY_FLAGS) {
         dprintf("Cert: Add all security ignore flags\n");
         int value = SECURITY_FLAG_IGNORE_UNKNOWN_CA | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID | SECURITY_FLAG_IGNORE_CERT_CN_INVALID; // the kitchen sink
+        WINHTTP_STATUS_CALLBACK cb_check = WinHttpSetStatusCallback(hInternet, (WINHTTP_STATUS_CALLBACK)ca_error_cb, WINHTTP_CALLBACK_FLAG_SECURE_FAILURE, 0);
+        if (cb_check == WINHTTP_INVALID_STATUS_CALLBACK) {
+            dprintf("Cert: Failed to set SSL error callback: %08lX\n", GetLastError());
+            SetLastError(0);
+        }
         return next_WinHttpSetOption(hInternet, dwOption, &value, dwBufferLength);
+    } else {
+        dprintf("Cert: hook_WinHttpSetOption %p %08X\n", hInternet, (int)dwOption);
     }
 
     return next_WinHttpSetOption(hInternet, dwOption, lpBuffer, dwBufferLength);
+}
+
+void ca_error_cb(HINTERNET hInternet, DWORD_PTR dwContext, DWORD dwInternetStatus, LPVOID lpvStatusInformation, DWORD dwStatusInformationLength)
+{
+    dprintf("Cert: HTTP Secure connection failure: %04lX\n", *(DWORD *)lpvStatusInformation);
 }
\ No newline at end of file
diff --git a/platform/meson.build b/platform/meson.build
index 5e20148..40a850e 100644
--- a/platform/meson.build
+++ b/platform/meson.build
@@ -6,7 +6,8 @@ platform_lib = static_library(
     dependencies : [
         capnhook.get_variable('hook_dep'),
         shlwapi_lib,
-        crypt_lib
+        crypt_lib,
+        winhttp_lib,
     ],
     sources : [
         'cert.c',