PolarSSL is now part of ARM Official announcement and rebranded as mbed TLS.

Connecting to an external HTTPS server.


Aug 25, 2017 10:46
Antonio

Hello,

I am testing my HTTPS client to connect to an external HTTPS server (https://api.ipify.org returns my IP address) instead of the test server. I changed some parameters on ssl_client2 application to use the server certificate (info provided by the mailing list moderator). I also changed the serverIP and SERVER_NAME. However, the handshake does not work. THis is the output I get.. " " . Seeding the random number generator... ok

. Loading the CA root certificate ... ok (0 skipped)

. Loading the client cert. and key... ok

. Connecting to tcp/50.19.238.1/443... ok

. Setting up the SSL/TLS structure... ok

. Performing the SSL/TLS handshake... failed

! mbedtls_ssl_handshake returned -0x7200

Last error was: -0x7200 - SSL - An invalid SSL record was received" "

Earlier Ron (mailing list admin) provided some help where to download and setting the server certificate up, but I still get the same error..

Thanks in advance for any hints..

/Antonio

 
Aug 27, 2017 07:51
Ron Eldor

Hi Antonio,
error -0x7200 (MBEDTLS_ERR_SSL_INVALID_RECORD) is an error that is returned in numerous locations. It is an error that is returned when the message cannot be read. If the issue was an invalid CA_ROOT file, the error that you should have got was -0x2700 (MBEDTLS_ERR_X509_CERT_VERIFY_FAILED), unless the error you are receiving is before the certificate was sent. To better understand the flow, and the location where the error is returned, please run the ssl_client2 program with parameter debug_level=5 and look at the logs.
Regards,
Mbed TLS Team member
Ron

 
Aug 29, 2017 07:08
Ron Eldor

Discussion continued here