diff --git a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient
index 6e96382a..836c44ed 100644
--- a/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient
+++ b/confluent_osdeploy/common/initramfs/opt/confluent/bin/apiclient
@@ -183,7 +183,7 @@ def get_net_apikey(nodename, mgr):
     return ''
 
 
-def get_apikey(nodename, hosts):
+def get_apikey(nodename, hosts, errout=None):
     apikey = ""
     if os.path.exists('/etc/confluent/confluent.apikey'):
         apikey = open('/etc/confluent/confluent.apikey').read().strip()
@@ -207,8 +207,10 @@ def get_apikey(nodename, hosts):
                 if apikey:
                     break
         if not apikey:
-            sys.stderr.write(
-                "Failed getting API token, check deployment.apiarmed attribute on {}\n".format(nodename))
+            errmsg = "Failed getting API token, check deployment.apiarmed attribute on {}\n".format(nodename)
+            sys.stderr.write(errmsg)
+            if errout:
+                errout.write(errmsg)
             time.sleep(10)
     with open('/etc/confluent/confluent.apikey', 'w+') as apiout:
         apiout.write(apikey)
@@ -217,7 +219,10 @@ def get_apikey(nodename, hosts):
     return apikey
 
 class HTTPSClient(client.HTTPConnection, object):
-    def __init__(self, usejson=False, port=443, host=None):
+    def __init__(self, usejson=False, port=443, host=None, errout=None):
+        self.errout = None
+        if errout:
+            self.errout = open(errout, 'w')
         self.stdheaders = {}
         mgtiface = None
         if usejson:
@@ -331,7 +336,10 @@ class HTTPSClient(client.HTTPConnection, object):
         try:
             self.sock = ctx.wrap_socket(psock, server_hostname=host)
         except ssl.SSLError:
-            sys.stderr.write('Error validating certificate on deployer (try `osdeploy initialize -t` on the deployment server {0})\n'.format(host))
+            errmsg = 'Error validating certificate on deployer (try `osdeploy initialize -t` on the deployment server {0})\n'.format(host)
+            sys.stderr.write(errmsg)
+            if self.errout:
+                self.errout.write(errmsg)
             sys.exit(1)
 
     def grab_url(self, url, data=None, returnrsp=False):
@@ -387,9 +395,15 @@ if __name__ == '__main__':
         data = sys.argv.pop(data)
     except ValueError:
         data = None
+    try:
+        errout = sys.argv.index('-e')
+        sys.argv.pop(errout)
+        errout = sys.argv.pop(errout)
+    except ValueError:
+        errout = None
     if outbin:
         with open(outbin, 'ab+') as outf:
-            reader = HTTPSClient(usejson=usejson).grab_url(
+            reader = HTTPSClient(usejson=usejson, errout=errout).grab_url(
                 sys.argv[1], data, returnrsp=True)
             chunk = reader.read(16384)
             while chunk:
@@ -399,10 +413,10 @@ if __name__ == '__main__':
     if len(sys.argv) > 2 and os.path.exists(sys.argv[-1]):
         data = open(sys.argv[-1]).read()
     if waitfor:
-        client = HTTPSClient(usejson)
+        client = HTTPSClient(usejson, errout=errout)
         status = 201
         while status != waitfor:
             status, rsp = client.grab_url_with_status(sys.argv[1], data)
             sys.stdout.write(rsp.decode())
     else:
-        sys.stdout.write(HTTPSClient(usejson).grab_url(sys.argv[1], data).decode())
+        sys.stdout.write(HTTPSClient(usejson, errout=errout).grab_url(sys.argv[1], data).decode())
diff --git a/confluent_osdeploy/el8-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh b/confluent_osdeploy/el8-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh
index 9f03a248..8a381541 100644
--- a/confluent_osdeploy/el8-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh
+++ b/confluent_osdeploy/el8-diskless/initramfs/usr/lib/dracut/hooks/cmdline/10-confluentdiskless.sh
@@ -8,6 +8,7 @@ get_remote_apikey() {
         confluent_apikey=$(cat /etc/confluent/confluent.apikey)
         if [ -z "$confluent_apikey" ]; then
             echo "Unable to acquire node api key, set deployment.apiarmed=once on node '$nodename', retrying..."
+            if [ ! -z "$autocons" ]; then echo "Unable to acquire node api key, set deployment.apiarmed=once on node '$nodename', retrying..." > $autocons; fi
             sleep 10
         elif [ -c /dev/tpmrm0 ]; then
             tmpdir=$(mktemp -d)
@@ -132,8 +133,8 @@ while [ $ready = "0" ]; do
     elif grep 'SSL' $tmperr > /dev/null; then
         confluent_mgr=${confluent_mgr#[}
         confluent_mgr=${confluent_mgr%]}
-    	/opt/confluent/bin/autocons -c > /dev/null
     	echo 'Failure establishing TLS conneection to '$confluent_mgr' (try `osdeploy initialize -t` on the deployment server)'
+	if [ ! -z "$autocons" ]; then echo 'Failure establishing TLS conneection to '$confluent_mgr' (try `osdeploy initialize -t` on the deployment server)' > $autocons; fi
     	sleep 1
     else
         ready=1
diff --git a/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/cmdline/01-confluent.sh b/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/cmdline/01-confluent.sh
index 1cfda638..f441504e 100644
--- a/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/cmdline/01-confluent.sh
+++ b/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/cmdline/01-confluent.sh
@@ -1,5 +1,6 @@
 #!/bin/bash
 echo -n "" >> /tmp/net.ifaces
+echo -n "" > /tmp/01-autocons.devnode
 cat /tls/*.0 >> /etc/pki/tls/certs/ca-bundle.crt
 if ! grep console= /proc/cmdline >& /dev/null; then
     autocons=$(/opt/confluent/bin/autocons)
diff --git a/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/pre-trigger/01-confluent.sh b/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/pre-trigger/01-confluent.sh
index c6d45894..905ee604 100644
--- a/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/pre-trigger/01-confluent.sh
+++ b/confluent_osdeploy/el8/initramfs/usr/lib/dracut/hooks/pre-trigger/01-confluent.sh
@@ -57,8 +57,12 @@ nodename=$(grep ^NODENAME /etc/confluent/confluent.info|awk '{print $2}')
 #TODO: blkid --label <whatever> to find mounted api
 
 cat /tls/*.pem > /etc/confluent/ca.pem
-while ! confluentpython /opt/confluent/bin/apiclient /confluent-api/self/deploycfg2 > /etc/confluent/confluent.deploycfg; do
-	/opt/confluent/bin/autocons -c > /dev/null
+autocons=$(cat /tmp/01-autocons.devnode)
+errout=""
+if [ ! -z "$autocons" ]; then
+    errout="-e $autocons"
+fi
+while ! confluentpython /opt/confluent/bin/apiclient $errout /confluent-api/self/deploycfg2 > /etc/confluent/confluent.deploycfg; do
 	sleep 1
 done
 ifidx=$(cat /tmp/confluent.ifidx)
@@ -96,7 +100,7 @@ if [ "$textconsole" = "true" ] && ! grep console= /proc/cmdline > /dev/null; the
 	if [ ! -z "$autocons" ]; then
 	    echo Auto-configuring installed system to use text console
 	    echo Auto-configuring installed system to use text console > $autocons
-        /opt/confluent/bin/autocons -c > /dev/null
+            /opt/confluent/bin/autocons -c > /dev/null
 	    cp /tmp/01-autocons.conf /etc/cmdline.d/
 	else
 	    echo "Unable to automatically detect requested text console"