diff --git a/boring/src/ssl/error.rs b/boring/src/ssl/error.rs
index f7772916..5fb91659 100644
--- a/boring/src/ssl/error.rs
+++ b/boring/src/ssl/error.rs
@@ -169,6 +169,12 @@ fn fmt_mid_handshake_error(
     f: &mut fmt::Formatter,
     prefix: &str,
 ) -> fmt::Result {
+    #[cfg(feature = "rpk")]
+    if s.ssl().ssl_context().is_rpk() {
+        write!(f, "{}", prefix)?;
+        return write!(f, " {}", s.error());
+    }
+
     match s.ssl().verify_result() {
         X509VerifyResult::OK => write!(f, "{}", prefix)?,
         verify => write!(f, "{}: cert verification failed - {}", prefix, verify)?,
diff --git a/tokio-boring/tests/rpk.rs b/tokio-boring/tests/rpk.rs
index 2fb90862..5492767a 100644
--- a/tokio-boring/tests/rpk.rs
+++ b/tokio-boring/tests/rpk.rs
@@ -96,9 +96,12 @@ mod test_rpk {
 
             let stream = TcpStream::connect(&addr).await.unwrap();
 
-            assert!(tokio_boring::connect(config, "localhost", stream)
+            let err = tokio_boring::connect(config, "localhost", stream)
                 .await
-                .is_err());
+                .unwrap_err();
+
+            // NOTE: smoke test for https://github.com/cloudflare/boring/issues/140
+            let _ = err.to_string();
         };
 
         future::join(server, client).await;