Arm Mbed and Pelion Device Management support forum

Handshake returns -2700 with Certificates created by AWS

Hi all,

I have created a certificate at AWS IoT Console. When I run the certificates in an AWS sample on a Raspberry Pi, everything works well. My certificates are embedded into code for testing purposes; I use the mbedtls_x509_crt_parse function to parse the certificates.

Now, I want to run the application on an MCU, but I am getting a -2700 error during the handshake.
I am using the same certificates embedded into code but I get the error.

Everything seems identical between Raspberry Pi and the MCU project. Only there is no time definition on the MCU (MBEDTLS_HAVE_TIME_DATE commented out).

I am using the mbedtls_wrapper.c implementation from the AWS IoT SDK. I am getting " ! The certificate is not correctly signed by the trusted CA" warning when I try to verify the certificates.
Problem is that I did not create the certificates, AWS did, and I am using the same certificates but getting this.

Have an idea? Thank you

It seems the issue is about the memory. I have just increased the Heap Size and it worked.

I would expect mbedtls to give a specific error for memory issues, like “internal error”.

Thanks.

Hi @arifec
I am glad you resolved your issue, and appreciate your comment.
Usually, when a memory issue happens on X509, you should get the MBEDTLS_ERR_X509_ALLOC_FAILED error (-0x2800). Perhaps there was some flow during the certificate verification that returned the verification failure error, and it would be nice to understand what the flow was.
Thanks again for your comment!
Regards,
Mbed Support
Ron
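
Added example, not part of the thread and not Mbed TLS code: a self-contained C decoder that splits a handshake return value into its high-level and low-level parts and names the X.509 verification flags, so a verification failure can be told apart from an allocation failure on the device. The constants are copied from Mbed TLS's `x509.h`; the function names are hypothetical, the thread's -2700 is read as -0x2700 (an assumption), and 0x08 is the flag whose description is the warning quoted in the first post.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constants copied from Mbed TLS x509.h (subset relevant to this thread). */
#define X509_CERT_VERIFY_FAILED 0x2700 /* MBEDTLS_ERR_X509_CERT_VERIFY_FAILED = -0x2700 */
#define X509_ALLOC_FAILED       0x2880 /* MBEDTLS_ERR_X509_ALLOC_FAILED = -0x2880 */

/* MBEDTLS_X509_BADCERT_* verification flags (subset). */
static const struct { uint32_t bit; const char *name; } verify_flags[] = {
    {0x01, "BADCERT_EXPIRED"},     {0x02, "BADCERT_REVOKED"},
    {0x04, "BADCERT_CN_MISMATCH"}, {0x08, "BADCERT_NOT_TRUSTED"},
    {0x40, "BADCERT_MISSING"},     {0x0200, "BADCERT_FUTURE"},
    {0x4000, "BADCERT_BAD_MD"},    {0x8000, "BADCERT_BAD_PK"},
    {0x010000, "BADCERT_BAD_KEY"},
};

/* Mbed TLS returns negative codes: bits 7-14 carry the high-level (module)
 * error, bits 0-6 an optional low-level error added to it. */
int high_level(int ret) { return (ret < 0 ? -ret : ret) & 0xFF80; }
int low_level(int ret)  { return (ret < 0 ? -ret : ret) & 0x007F; }

const char *x509_error_name(int ret) {
    switch (high_level(ret)) {
    case X509_CERT_VERIFY_FAILED: return "X509_CERT_VERIFY_FAILED";
    case X509_ALLOC_FAILED:       return "X509_ALLOC_FAILED";
    default:                      return "OTHER";
    }
}

/* Writes the names of all known set flags into out (len must be > 0);
 * returns the bits that are not in the table above. */
uint32_t decode_verify_flags(uint32_t flags, char *out, size_t len) {
    out[0] = '\0';
    for (size_t i = 0; i < sizeof verify_flags / sizeof verify_flags[0]; i++) {
        if (!(flags & verify_flags[i].bit)) continue;
        if (out[0] != '\0') strncat(out, " ", len - strlen(out) - 1);
        strncat(out, verify_flags[i].name, len - strlen(out) - 1);
        flags &= ~verify_flags[i].bit;
    }
    return flags;
}

int main(void) {
    char names[128];
    int ret = -0x2700;     /* handshake result reported in the thread */
    uint32_t flags = 0x08; /* constructed: flag behind the quoted warning */
    decode_verify_flags(flags, names, sizeof names);
    printf("-0x%04X %s low=0x%02X flags: %s\n", (unsigned)high_level(ret),
           x509_error_name(ret), (unsigned)low_level(ret), names);
    return 0;
}
```

On a device, the flags value would come from `mbedtls_ssl_get_verify_result()` after the failed handshake.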