Arm Mbed OS support forum

Bad Key received from SSL Server

Hi There,

I am trying to implement the mbedTLS library on my STM32F4xx MCU, trying to connect to an SSL server with double way authentication. I am using TLSv1.2.
After sending the “Client Hello” message, and receiving the “Server Hello, Certificate, Certificate request”, the handshake fails due to the error: “MBEDTLS_X509_BADCERT_BAD_KEY”.

I did some debugging and apparently, the key length is shorter than the minimum length for the RSA key (1024 < 2048).

It’s worth mentioning that I wrote a Python script that connects to the exact same server, and the issue doesn’t reproduce there at the PC level.
I sniffed the handshake with Wireshark, and the “Client Hello” and “Server Hello” messages look the same both on the PC and the MCU, so I suspect this is a wrong configuration of my MCU, that prevents a correct parsing of the server’s key.

Please share your insights.

Best,
Tomer

Also used the same certificates both ways (*.pem), so this is probably not a problem with my certificates since it is working with Python.
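
Added example, not part of the original post and not mbedTLS code: a PC-side Python model of the minimum-RSA-key-size decision behind `MBEDTLS_X509_BADCERT_BAD_KEY`, which measures the modulus in a DER `RSAPublicKey` and compares it with the 2048-bit minimum quoted in the post. The function names are hypothetical, and the sample keys are constructed filler values, not real keys.

```python
BADCERT_BAD_KEY = 0x010000  # numeric value of MBEDTLS_X509_BADCERT_BAD_KEY

def der_read(buf, pos, tag):
    """Return (content_start, content_end) of the DER element with `tag` at `pos`."""
    if pos + 2 > len(buf) or buf[pos] != tag:
        raise ValueError("unexpected DER tag")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return pos, pos + length

def rsa_modulus_bits(rsa_public_key_der):
    """Bit length of n in RSAPublicKey ::= SEQUENCE { n INTEGER, e INTEGER }."""
    start, _ = der_read(rsa_public_key_der, 0, 0x30)
    n_start, n_end = der_read(rsa_public_key_der, start, 0x02)
    # The leading 0x00 sign byte does not count towards the key size.
    return int.from_bytes(rsa_public_key_der[n_start:n_end], "big").bit_length()

def check_rsa_key(rsa_public_key_der, rsa_min_bitlen=2048):
    """Return BADCERT_BAD_KEY if the modulus is below the minimum, else 0."""
    bits = rsa_modulus_bits(rsa_public_key_der)
    return BADCERT_BAD_KEY if bits < rsa_min_bitlen else 0

def der_encode(tag, content):
    """Minimal DER tag-length-value encoder, used only to build the samples."""
    n = len(content)
    size = (n.bit_length() + 7) // 8
    head = bytes([n]) if n < 0x80 else bytes([0x80 | size]) + n.to_bytes(size, "big")
    return bytes([tag]) + head + content

def sample_key(bits):
    """Constructed sample, not a real key: filler modulus with the top bit set."""
    modulus = (1 << (bits - 1)) | 1
    n = b"\x00" + modulus.to_bytes(bits // 8, "big")
    return der_encode(0x30, der_encode(0x02, n) + der_encode(0x02, b"\x01\x00\x01"))

if __name__ == "__main__":
    for bits in (1024, 2048):
        key = sample_key(bits)
        print(bits, rsa_modulus_bits(key), hex(check_rsa_key(key)))
```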