diff --git a/desktop/flipper-server-core/src/devices/android/AndroidCertificateProvider.tsx b/desktop/flipper-server-core/src/devices/android/AndroidCertificateProvider.tsx
index 5ff253eb4..18fc654c2 100644
--- a/desktop/flipper-server-core/src/devices/android/AndroidCertificateProvider.tsx
+++ b/desktop/flipper-server-core/src/devices/android/AndroidCertificateProvider.tsx
@@ -27,12 +27,24 @@ export default class AndroidCertificateProvider extends CertificateProvider {
     appDirectory: string,
     csr: string,
   ): Promise<string> {
+    console.debug(
+      'AndroidCertificateProvider.getTargetDeviceId',
+      appName,
+      appDirectory,
+      csr,
+    );
     const devicesInAdb = await this.adb.listDevices();
     if (devicesInAdb.length === 0) {
       throw new Error('No Android devices found');
     }
     const deviceMatchList = devicesInAdb.map(async (device) => {
       try {
+        console.debug(
+          'AndroidCertificateProvider.getTargetDeviceId -> matching device',
+          device.id,
+          appName,
+          appDirectory,
+        );
         const result = await this.androidDeviceHasMatchingCSR(
           appDirectory,
           device.id,
@@ -112,6 +124,14 @@ export default class AndroidCertificateProvider extends CertificateProvider {
       deviceCsr.toString(),
       csr,
     ].map((s) => this.santitizeString(s));
+    console.debug(
+      'AndroidCertificateProvider.androidDeviceHasMatchingCSR',
+      directory,
+      deviceId,
+      processName,
+      sanitizedDeviceCsr,
+      sanitizedClientCsr,
+    );
     const isMatch = sanitizedDeviceCsr === sanitizedClientCsr;
     return {isMatch: isMatch, foundCsr: sanitizedDeviceCsr};
   }
diff --git a/desktop/flipper-server-core/src/utils/CertificateProvider.tsx b/desktop/flipper-server-core/src/utils/CertificateProvider.tsx
index 43f41cbd4..627f12960 100644
--- a/desktop/flipper-server-core/src/utils/CertificateProvider.tsx
+++ b/desktop/flipper-server-core/src/utils/CertificateProvider.tsx
@@ -33,19 +33,45 @@ export default abstract class CertificateProvider {
     os: string,
     appDirectory: string,
   ): Promise<{deviceId: string}> {
+    console.debug(
+      `${this.constructor.name}.processCertificateSigningRequest`,
+      unsanitizedCsr,
+      os,
+      appDirectory,
+    );
     const csr = this.santitizeString(unsanitizedCsr);
     if (csr === '') {
       return Promise.reject(new Error(`Received empty CSR from ${os} device`));
     }
+    console.debug(
+      `${this.constructor.name}.processCertificateSigningRequest -> ensureOpenSSLIsAvailable`,
+      os,
+      appDirectory,
+    );
     await ensureOpenSSLIsAvailable();
     const caCert = await getCACertificate();
+    console.debug(
+      `${this.constructor.name}.processCertificateSigningRequest -> deploy caCert`,
+      os,
+      appDirectory,
+    );
     await this.deployOrStageFileForDevice(
       appDirectory,
       deviceCAcertFile,
       caCert,
       csr,
     );
+    console.debug(
+      `${this.constructor.name}.processCertificateSigningRequest -> generateClientCertificate`,
+      os,
+      appDirectory,
+    );
     const clientCert = await generateClientCertificate(csr);
+    console.debug(
+      `${this.constructor.name}.processCertificateSigningRequest -> deploy clientCert`,
+      os,
+      appDirectory,
+    );
     await this.deployOrStageFileForDevice(
       appDirectory,
       deviceClientCertFile,
@@ -53,7 +79,20 @@ export default abstract class CertificateProvider {
       csr,
     );
     const appName = await extractAppNameFromCSR(csr);
+    console.debug(
+      `${this.constructor.name}.processCertificateSigningRequest -> getTargetDeviceId`,
+      os,
+      appDirectory,
+      appName,
+    );
     const deviceId = await this.getTargetDeviceId(appName, appDirectory, csr);
+    console.debug(
+      `${this.constructor.name}.processCertificateSigningRequest -> done`,
+      os,
+      appDirectory,
+      appName,
+      deviceId,
+    );
     return {
       deviceId,
     };