diff --git a/src/migtd/src/migration/mod.rs b/src/migtd/src/migration/mod.rs index 86636eb5..13a53f4d 100644 --- a/src/migtd/src/migration/mod.rs +++ b/src/migtd/src/migration/mod.rs @@ -233,8 +233,8 @@ impl From for MigrationResult { RatlsError::Crypto(_) | RatlsError::X509(_) | RatlsError::InvalidEventlog - | RatlsError::InvalidPolicy | RatlsError::GenerateCertificate => MigrationResult::SecureSessionError, + RatlsError::InvalidPolicy => MigrationResult::InvalidPolicyError, RatlsError::TdxModule(_) => MigrationResult::TdxModuleError, RatlsError::GetQuote | RatlsError::VerifyQuote => { MigrationResult::MutualAttestationError diff --git a/src/migtd/src/migration/rebinding.rs b/src/migtd/src/migration/rebinding.rs index c9342890..8cf59b9f 100644 --- a/src/migtd/src/migration/rebinding.rs +++ b/src/migtd/src/migration/rebinding.rs @@ -644,7 +644,7 @@ async fn rebinding_new_prepare( pre_session_data: Vec, ) -> Result<(), MigrationResult> { // TLS server - let mut ratls_server = ratls::server_rebinding(transport, pre_session_data).map_err(|_| { + let mut ratls_server = ratls::server_rebinding(transport, pre_session_data).map_err(|e| { #[cfg(feature = "vmcall-raw")] data.extend_from_slice( &format!( @@ -654,10 +654,11 @@ async fn rebinding_new_prepare( .into_bytes(), ); log::error!( - "rebinding_new(): Failed in ratls transport. Migration ID: {}\n", - info.mig_request_id + "rebinding_new(): Failed in ratls transport. Migration ID: {} Error: {:?}\n", + info.mig_request_id, + e ); - MigrationResult::SecureSessionError + e })?; let rebind_token = tls_receive_rebind_token(&mut ratls_server).await?; diff --git a/src/migtd/src/migration/session.rs b/src/migtd/src/migration/session.rs index 676baf73..f430ab5a 100644 --- a/src/migtd/src/migration/session.rs +++ b/src/migtd/src/migration/session.rs 
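Review bot: In `rebinding_new_prepare` the `map_err` closure now ends in a bare `e`, so the conversion to `MigrationResult` happens implicitly at the `?` through the `From` impl in migration/mod.rs (assuming `e` is a `RatlsError`; the callee's signature is outside the hunk). Ending the closure with `MigrationResult::from(e)` would keep the result type visible at the call site, and the same applies to both `exchange_msk` hunks in session.rs. A short comment such as `// result code follows From<RatlsError>: policy, attestation and TDX-module failures are reported distinctly` would explain why `SecureSessionError` is no longer hard-coded. It is also worth checking that the `vmcall-raw` message built just above carries the same error detail as the new log line, since its format arguments are not visible here. The function body continues outside the hunk.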
@@ -768,7 +768,7 @@ async fn migration_src_exchange_msk( log::error!(migration_request_id = info.mig_info.mig_request_id; "exchange_msk(): Failed in ratls client setup. Error: {:?}\n", e ); - MigrationResult::SecureSessionError + e })?; // MigTD-S send Migration Session Forward key to peer @@ -830,7 +830,7 @@ async fn migration_dst_exchange_msk( log::error!(migration_request_id = info.mig_info.mig_request_id; "exchange_msk(): Failed in ratls server setup. Error: {:?}\n", e ); - MigrationResult::SecureSessionError + e })?; with_timeout( diff --git a/src/migtd/src/spdm/mod.rs b/src/migtd/src/spdm/mod.rs index 84c47c6e..018f2d73 100644 --- a/src/migtd/src/spdm/mod.rs +++ b/src/migtd/src/spdm/mod.rs @@ -117,8 +117,8 @@ pub fn gen_quote_spdm(report_data: &[u8]) -> Result, MigrationResult> { additional_data[..hash.len()].copy_from_slice(hash.as_ref()); let td_report = tdx_tdcall::tdreport::tdcall_report(&additional_data)?; - let res = - attestation::get_quote(td_report.as_bytes()).map_err(|_| MigrationResult::Unsupported)?; + let res = attestation::get_quote(td_report.as_bytes()) + .map_err(|_| MigrationResult::MutualAttestationError)?; Ok(res) }
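Review bot: In `gen_quote_spdm` the error from `attestation::get_quote` is still discarded by `|_|`, while the other call sites touched by this commit log the underlying error with `{:?}` before returning. When quote generation fails, the only trace is the `MutualAttestationError` code, which does not show why the quote could not be obtained. Consider `.map_err(|e| { log::error!("gen_quote_spdm(): get_quote failed: {:?}\n", e); MigrationResult::MutualAttestationError })?`, assuming the error type implements `Debug`. The trailing `let res = …; Ok(res)` could then be returned directly. The function starts outside the hunk.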