diff --git a/app/controllers/epp/sessions_controller.rb b/app/controllers/epp/sessions_controller.rb
index 99a148c9c..eae229d84 100644
--- a/app/controllers/epp/sessions_controller.rb
+++ b/app/controllers/epp/sessions_controller.rb
@@ -17,35 +17,59 @@ class Epp::SessionsController < EppController
 client_md5 = Certificate.parse_md_from_string(request.env['HTTP_SSL_CLIENT_CERT'])
 server_md5 = Certificate.parse_md_from_string(File.read(ENV['cert_path']))
 if client_md5 != server_md5
- @msg = 'Authentication error; server closing connection (certificate is not valid)'
+ epp_errors << {
+ msg: 'Authentication error; server closing connection (certificate is not valid)',
+ code: '2501'
+ }
+ success = false
 end
 end
 if request.ip != ENV['webclient_ip'] && @api_user
 unless @api_user.api_pki_ok?(request.env['HTTP_SSL_CLIENT_CERT'], request.env['HTTP_SSL_CLIENT_S_DN_CN'])
- @msg = 'Authentication error; server closing connection (certificate is not valid)'
+ epp_errors << {
+ msg: 'Authentication error; server closing connection (certificate is not valid)',
+ code: '2501'
+ }
+ success = false
 end
 end
 if success && !@api_user
- @msg = 'Authentication error; server closing connection (API user not found)'
+ epp_errors << {
+ msg: 'Authentication error; server closing connection (API user not found)',
+ code: '2501'
+ }
+ success = false
 end
 if success && !@api_user.try(:active)
- @msg = 'Authentication error; server closing connection (API user is not active)'
+ epp_errors << {
+ msg: 'Authentication error; server closing connection (API user is not active)',
+ code: '2501'
+ }
+ success = false
 end
 if success && !ip_white?
- @msg = 'Authentication error; server closing connection (IP is not whitelisted)'
+ epp_errors << {
+ msg: 'Authentication error; server closing connection (IP is not whitelisted)',
+ code: '2501'
+ }
+ success = false
 end
 if success && !connection_limit_ok?
- @msg = 'Authentication error; server closing connection (connection limit reached)'
+ epp_errors << {
+ msg: 'Authentication error; server closing connection (connection limit reached)',
+ code: '2501'
+ }
+ success = false
 end
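Review bot: The `epp_errors` entries added here keep the per-branch reasons from the old `@msg` strings (`API user not found`, `API user is not active`, `IP is not whitelisted`, `connection limit reached`), so a peer that has not authenticated can tell an unknown username from an inactive or IP-blocked one. Assuming `handle_errors` (called in the next hunk, defined outside this diff) renders `msg` to the client, I would send one generic entry for every branch, `epp_errors << { msg: 'Authentication error; server closing connection', code: '2501' }`, and write the specific reason to the server log instead. A small private helper that takes the reason would also replace the six copies of the same hash literal. The enclosing method starts and ends outside the hunk.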
@@ -62,7 +86,7 @@ class Epp::SessionsController < EppController
 render_epp_response('login_success')
 else
 response.headers['X-EPP-Returncode'] = '2200'
- render_epp_response('login_fail')
+ handle_errors
 end
 end
 # rubocop: enable Metrics/MethodLength
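Review bot: The failure branch still sets `response.headers['X-EPP-Returncode'] = '2200'` while every error pushed in the first hunk carries `code: '2501'`, so the header and the result code in the body disagree unless `handle_errors` (not visible in this diff) overwrites the header. Anything keyed on the header, such as access logs or failed-login alerting, would record 2200 while the client is told 2501. I would change the line to `response.headers['X-EPP-Returncode'] = '2501'` so both carry the same code. It is also worth confirming that a failure decided before the first hunk, which may leave `epp_errors` empty, still renders an authentication error now that `login_fail` is no longer rendered. The enclosing method starts outside the hunk.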