Mbed TLS is now part of TrustedFirmware.org.

TLS Handshake fails due to Invalid SSL record

Jan 12, 2017 10:06

I am using Polarssl (version 1.3.9) . When I tried to connect to the website "bitsbox.com" using your sample client program (ssl_client1.c) with server_name extension, TLS handshake fails with error " An invalid SSL record was received" (0x7200).

Modifications which I made in your ssl_client1.c program:

  1. #define SERVER_PORT 443
  2. #define SERVER_NAME "bitsbox.com"
  3. Added " ssl_set_hostname( &ssl, "bitsbox.com"); " before ssl_set_bio() to include server_name extension in client hello

Output: . Seeding the random number generator... ok

. Loading the CA root certificate ... ok (0 skipped)

. Connecting to tcp/bitsbox.com/ 443... ok

. Setting up the SSL/TLS structure... ok

. Performing the SSL/TLS handshake...ssl_tls.c(2210): bad handshake length

ssl_tls.c(2474): ssl_read_record() returned -29184 (-0x7200) failed ! ssl_handshake returned -0x7200

Last error was: -29184 - SSL - An invalid SSL record was received

Why am I getting this error? How can I overcome this issue?

Jan 18, 2017 11:41
Ron Eldor

Hi Deepika,

I have tried reproducing this issue with your changes, and I didn't get this issue. The issue could be related to some other change.

The change looks ok to us. Please also upgrade to the latest PolarSSL 1.3 version (1.3.18 at the moment)


mbed TLS team member Ron