diff --git a/src/internal.c b/src/internal.c
index 427809d8a..d62c24a56 100644
--- a/src/internal.c
+++ b/src/internal.c
@@ -22774,8 +22774,11 @@ static int DoSessionTicket(WOLFSSL* ssl, const byte* input, word32* inOutIdx,
 return BUFFER_ERROR;
 clSuites.hashSigAlgoSz = hashSigAlgoSz;
- if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)
+ if (clSuites.hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) {
+ WOLFSSL_MSG("ClientHello SigAlgo list exceeds max, "
+ "truncating");
 clSuites.hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
+ }
 XMEMCPY(clSuites.hashSigAlgo, &input[i], clSuites.hashSigAlgoSz);
diff --git a/src/tls.c b/src/tls.c
index fe5f316e6..7c296b9bf 100644
--- a/src/tls.c
+++ b/src/tls.c
@@ -3771,7 +3771,7 @@ static int TLSX_SessionTicket_Parse(WOLFSSL* ssl, byte* input, word16 length,
 if (!isRequest) {
 if (TLSX_CheckUnsupportedExtension(ssl, TLSX_SESSION_TICKET))
 return TLSX_HandleUnsupportedExtension(ssl);
-
+
 if (length != 0)
 return BUFFER_ERROR;
@@ -4908,8 +4908,10 @@ static int TLSX_SignatureAlgorithms_Parse(WOLFSSL *ssl, byte* input,
 /* truncate hashSigAlgo list if too long */
 suites->hashSigAlgoSz = len;
- if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO)
+ if (suites->hashSigAlgoSz > WOLFSSL_MAX_SIGALGO) {
+ WOLFSSL_MSG("TLSX SigAlgo list exceeds max, truncating");
 suites->hashSigAlgoSz = WOLFSSL_MAX_SIGALGO;
+ }
 XMEMCPY(suites->hashSigAlgo, input, suites->hashSigAlgoSz);
 return TLSX_SignatureAlgorithms_MapPss(ssl, input, len);
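Review bot: In the src/internal.c hunk, the clamp ahead of `XMEMCPY(clSuites.hashSigAlgo, &input[i], clSuites.hashSigAlgoSz)` appears to be what keeps a peer-supplied `hashSigAlgoSz` within the destination array. Unlike the matching code in `TLSX_SignatureAlgorithms_Parse`, it has no comment saying so; I would add `/* truncate hashSigAlgo list if too long; this clamp bounds the copy below */` above the `if`. The new `WOLFSSL_MSG` is only emitted when debug logging is compiled in, so in a normal build the list is still shortened silently and a later signature-algorithm selection failure will not point back to this spot. The entries are two-byte pairs, so it is also worth confirming that `WOLFSSL_MAX_SIGALGO` is even and the cut can never split a pair; its definition is not visible in this diff. The enclosing function begins and ends outside the hunk.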
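Review bot: In the last src/tls.c hunk, `TLSX_SignatureAlgorithms_MapPss(ssl, input, len)` is still passed the full peer-supplied `len` after `suites->hashSigAlgoSz` has been clamped, so whatever it derives may cover entries that were just dropped from `suites->hashSigAlgo`. MapPss is defined outside this hunk, so this is an inference, but if it records which PSS hashes the peer offered, that state can disagree with the stored list. Either pass the truncated size, `return TLSX_SignatureAlgorithms_MapPss(ssl, input, suites->hashSigAlgoSz);`, or add a comment stating that scanning the untruncated list is intended. The body of `TLSX_SignatureAlgorithms_Parse` starts outside the hunk, so the validation of `len` against the extension length is not visible here.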