diff --git a/roles/etcd/templates/make-ssl-etcd.sh.j2 b/roles/etcd/templates/make-ssl-etcd.sh.j2
index e0dde401d38..11d555bd21e 100644
--- a/roles/etcd/templates/make-ssl-etcd.sh.j2
+++ b/roles/etcd/templates/make-ssl-etcd.sh.j2
@@ -64,8 +64,8 @@ if [ -e "$SSLDIR/ca-key.pem" ]; then
     # Reuse existing CA
     cp $SSLDIR/{ca.pem,ca-key.pem} .
 else
-    openssl genrsa -out ca-key.pem {{certificates_key_size}} > /dev/null 2>&1
-    openssl req -x509 -new -nodes -key ca-key.pem -days {{certificates_duration}} -out ca.pem -subj "/CN=etcd-ca" > /dev/null 2>&1
+    openssl genrsa -out ca-key.pem {{certificates_key_size}}
+    openssl req -x509 -new -nodes -key ca-key.pem -days {{certificates_duration}} -out ca.pem -subj "/CN=etcd-ca"
 fi
 
 # ETCD member
@@ -73,14 +73,14 @@ if [ -n "$MASTERS" ]; then
     for host in $MASTERS; do
         cn="${host%%.*}"
         # Member key
-        openssl genrsa -out member-${host}-key.pem {{certificates_key_size}} > /dev/null 2>&1
-        openssl req -new -key member-${host}-key.pem -out member-${host}.csr -subj "/CN=etcd-member-${cn}" -config ${CONFIG} > /dev/null 2>&1
-        openssl x509 -req -in member-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out member-${host}.pem -days {{certificates_duration}} -extensions ssl_client -extfile ${CONFIG} > /dev/null 2>&1
+        openssl genrsa -out member-${host}-key.pem {{certificates_key_size}}
+        openssl req -new -key member-${host}-key.pem -out member-${host}.csr -subj "/CN=etcd-member-${cn}" -config ${CONFIG}
+        openssl x509 -req -in member-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out member-${host}.pem -days {{certificates_duration}} -extensions ssl_client -extfile ${CONFIG}
 
         # Admin key
-        openssl genrsa -out admin-${host}-key.pem {{certificates_key_size}} > /dev/null 2>&1
-        openssl req -new -key admin-${host}-key.pem -out admin-${host}.csr -subj "/CN=etcd-admin-${cn}" > /dev/null 2>&1
-        openssl x509 -req -in admin-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out admin-${host}.pem -days {{certificates_duration}} -extensions ssl_client  -extfile ${CONFIG} > /dev/null 2>&1
+        openssl genrsa -out admin-${host}-key.pem {{certificates_key_size}}
+        openssl req -new -key admin-${host}-key.pem -out admin-${host}.csr -subj "/CN=etcd-admin-${cn}"
+        openssl x509 -req -in admin-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out admin-${host}.pem -days {{certificates_duration}} -extensions ssl_client  -extfile ${CONFIG}
     done
 fi
 
@@ -88,9 +88,9 @@ fi
 if [ -n "$HOSTS" ]; then
     for host in $HOSTS; do
         cn="${host%%.*}"
-        openssl genrsa -out node-${host}-key.pem {{certificates_key_size}} > /dev/null 2>&1
-        openssl req -new -key node-${host}-key.pem -out node-${host}.csr -subj "/CN=etcd-node-${cn}" > /dev/null 2>&1
-        openssl x509 -req -in node-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out node-${host}.pem -days {{certificates_duration}} -extensions ssl_client  -extfile ${CONFIG} > /dev/null 2>&1
+        openssl genrsa -out node-${host}-key.pem {{certificates_key_size}}
+        openssl req -new -key node-${host}-key.pem -out node-${host}.csr -subj "/CN=etcd-node-${cn}"
+        openssl x509 -req -in node-${host}.csr -CA ca.pem -CAkey ca-key.pem -CAcreateserial -out node-${host}.pem -days {{certificates_duration}} -extensions ssl_client  -extfile ${CONFIG}
     done
 fi