MbedTLS failing with "The certificate is not correctly signed by the trusted CA" (0x08) connecting to Google Cloud load balancer

Dmitry_Shabrov · February 4, 2022, 7:05am

I don’t have a handshake. Specifically, the problem is described here:
https://forums.mbed.com/t/mbedtls-ssl-handshake-return-error-0x2700/5354

The function

static int function x509_crt_merge_flags_with_cb (x509_crt.c)

returns the value 8 in the flags variable. I went through this function step by step and saw that cur_flags was assigned the value 8 in the line

cur_flags = cur->flags;

. I don’t know where value 8 came from in cur->flags. Since the condition

if( NULL != f_vrfy )

fails (f_vrfy = 0), the

if( ( ret = f_vrfy( p_vrfy, cur->crt, (int) i-1, &cur_flags ) ) != 0 )

line is not called. Probably p_vrfy is not registered? Where does the value 8 come from in cur->flags;?

Topic		Replies	Views
Mbedtls_ssl_handshake return error -0x2700 Generic mbed_client , mbed_tls , mbed_os	8	10656	February 3, 2020
MbedTLS handshake fail return -0x50 Bug Reports / Issues mbed_client	11	7858	May 20, 2019
MbedTLS handshake is not functioning properly when attempting client authentication Platform specific questions mbed_client , mbed_tls , stmicroelectronics	2	2800	January 1, 2024
TLS handshake issue Generic mbed_client , mbed_tls	5	4751	October 7, 2018
mbedTLS SSL handshake ca certificate configuration Crypto and SSL questions	7	4808	December 15, 2019