diff --git a/swisssurfer/src/smartcardauth.hxx b/swisssurfer/src/smartcardauth.hxx
index 8845ca1..efab87b 100644
--- a/swisssurfer/src/smartcardauth.hxx
+++ b/swisssurfer/src/smartcardauth.hxx
@@ -44,13 +44,16 @@ class CryptokiEngine: public openssl::Engine {
                           id));
           OPENSSL_LOG("**** with keys: "<<keys.size());
           if (!keys.size()) { // add CA-certificate
+            OPENSSL_LOG("**** add to CA-certificates");
             std::string data(cert->attribute(CKA_VALUE).value);
             cacerts.push_back(QSslCertificate
                               (QByteArray(data.data(), data.size()),
                                QSsl::Der));
           } else {
+            OPENSSL_LOG("**** user cert, check for authentictaion");
             if (label.value.find("auth")==0 ||
-                label.value.find("Authentication")<std::string::npos) {
+                label.value.find("Authentication")!=std::string::npos) {
+              OPENSSL_LOG("**** it's our authentication cert");
               std::string data(cert->attribute(CKA_VALUE).value);
               QSslCertificate c(QByteArray(data.data(), data.size()),
                                 QSsl::Der);
@@ -80,6 +83,8 @@ class CryptokiEngine: public openssl::Engine {
                                         QMessageBox::tr("Authentication failed,"
                                                         " please try again."));
                 }
+            } else {
+              OPENSSL_LOG("**** it's not our authentication cert; ignore");
             }
             //! @todo show certificate dialog
             // std::string data(cert->attribute(CKA_VALUE).value);