diff --git a/src/main/java/org/opensearch/security/ssl/util/ExceptionUtils.java b/src/main/java/org/opensearch/security/ssl/util/ExceptionUtils.java
index 83982239f0..4683075f1d 100644
--- a/src/main/java/org/opensearch/security/ssl/util/ExceptionUtils.java
+++ b/src/main/java/org/opensearch/security/ssl/util/ExceptionUtils.java
@@ -76,7 +76,13 @@ public static OpenSearchException createJwkCreationException(Throwable cause) {
 return new OpenSearchException("An error occurred during the creation of Jwk: {}", cause, cause.getMessage());
 }
 
- public static OpenSearchException createTransportClientNoLongerSupportedException() {
- return new OpenSearchException("Transport client authentication no longer supported.");
+ public static OpenSearchException clusterWrongNodeCertConfigException(String sslPrincipal) {
+ return new OpenSearchException(
+ "Node presenting certificate with SSL Principal {"
+ sslPrincipal
+ "} could"
+ " not securely connect to the cluster. Please ensure the principal is correct and present in the"
+ " nodes_dn list."
+ );
 }
 }
diff --git a/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java b/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java
index 5ab233587d..7558d9cb4c 100644
--- a/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java
+++ b/src/main/java/org/opensearch/security/transport/SecurityRequestHandler.java
@@ -291,7 +291,7 @@ protected void messageReceivedDecorate(
 || HeaderHelper.isTrustedClusterRequest(getThreadContext())
 || HeaderHelper.isExtensionRequest(getThreadContext()))) {
 // CS-ENFORCE-SINGLE
- final OpenSearchException exception = ExceptionUtils.createTransportClientNoLongerSupportedException();
+ final OpenSearchException exception = ExceptionUtils.clusterWrongNodeCertConfigException(principal);
 log.error(exception.toString());
 transportChannel.sendResponse(exception);
 return;
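Review bot: `clusterWrongNodeCertConfigException` has no Javadoc and joins `sslPrincipal` into the message unchanged, so a null argument renders as `{null}` and every character of the certificate subject is copied verbatim into the exception text. A short Javadoc should state that the argument is the subject DN read from the peer certificate, that the message is meant for operators diagnosing a `nodes_dn` mismatch, and that the caller decides whether the text may leave the node. The literal braces around the DN sit next to `createJwkCreationException`, which uses `{}` as a format placeholder with arguments; a one-line comment such as `// braces are literal delimiters around the DN, not a format placeholder` would prevent a later "cleanup" from changing the output.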
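Review bot: The exception built from `principal` is passed to `transportChannel.sendResponse(exception)` as well as logged, so the certificate subject DN and the `nodes_dn` configuration hint travel back to the remote side; the updated assertion in CrossClusterSearchTests shows this text arriving in the HTTP 500 body seen by a REST caller. Consider keeping the detailed message for `log.error` and sending a response that omits the DN, or state in a comment that exposing it to users of the connecting cluster is intended. The condition visible here also tests `isTrustedClusterRequest` and `isExtensionRequest`, so the wording "Node presenting certificate" may point operators at `nodes_dn` when the rejected peer is not a node at all. `messageReceivedDecorate` begins and ends outside the hunk, so whether `principal` can be null at this point cannot be confirmed from these lines.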
diff --git a/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java b/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java
index 6265b60013..93dfee34c7 100644
--- a/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java
+++ b/src/test/java/org/opensearch/security/ccstest/CrossClusterSearchTests.java
@@ -1355,7 +1355,14 @@ public void testCcsWithDiffCertsWithNoNodesDnUpdate() throws Exception {
 String uri = "cross_cluster_two:twitter/_search?pretty";
 HttpResponse ccs = rh1.executeGetRequest(uri, encodeBasicHeader("twitter", "nagilum"));
 assertThat(ccs.getStatusCode(), equalTo(HttpStatus.SC_INTERNAL_SERVER_ERROR));
- assertThat(ccs.getBody(), containsString("Transport client authentication no longer supported"));
+ assertThat(
+ ccs.getBody(),
+ containsString(
+ "Node presenting certificate with SSL Principal "
+ "{CN=node-0.example.com,OU=SSL,O=Test,L=Test,C=DE} could not securely connect to the cluster. Please"
+ " ensure the principal is correct and present in the nodes_dn list."
+ )
+ );
 }
 
 @Test