Mbedtls_ssl_handshake returned -0x2700

Mbed TLS Crypto and SSL questions
1

Hi,

I’m using a self signed certificate(both at the server’s and the client) created with OpenSSL tool:

-----BEGIN CERTIFICATE-----
MIID+jCCAuKgAwIBAgIJAL0/U+6NNvJ+MA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNV
BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
aWRnaXRzIFB0eSBMdGQxFDASBgNVBAMTCzE5Mi4xNjguMS4xMB4XDTE5MDUwMTE1
MjgwOFoXDTIyMDIxODE1MjgwOFowWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNv
bWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEUMBIG
A1UEAxMLMTkyLjE2OC4xLjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDe4gCKxqn2gaJAA6ICsUaLTo4e2f7pPm5rBSNrwvqCTCGONuqiyl/Gz5vgFPjN
YZTqtmqEorDSQ0OMs1UijPc/gQn4k86vs2khKgFmQlHckYb9eE6G906YY5Qltblb
/OaY3XLf94vJ/Clk7kKCNqUvqzpz2NNLg/fN2Y6iSqRjMAWv/ccVd6uNrs+f6n9w
03+s+Sce3BpC25SHdOivNdR1E6vfBiCQNSDWqY5z1Ly2Jq8CsXvYivxjTqjUQACr
TWjCKwpYgv8x+9t8MvPtEPnBT5TZi6NKW3uXURu2BKg62U0ETPdReuXNq3GtRoP0
gpFjPAlZkzPAMo3ghPwJe12tAgMBAAGjgcAwgb0wHQYDVR0OBBYEFDVVQ2uOGqrG
4Y+jkDy/BiaykWQ4MIGNBgNVHSMEgYUwgYKAFDVVQ2uOGqrG4Y+jkDy/BiaykWQ4
oV+kXTBbMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UE
ChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRQwEgYDVQQDEwsxOTIuMTY4LjEu
MYIJAL0/U+6NNvJ+MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAG5x
Ze7bZuUY2UznvvERhrbQ6Bpo64ZQzGvjxTwzdGDt9Oe9d4rspnTVFwDHXXMjkN5b
aj0/Mkpw1WRCLZPUtJkGb64tGQfTOUqpzUZ0qH80nstYaXpb4Mb/SKXsV+8v2jvC
XT0kI1kTtfqWIqPBUOFf441KKjTEB7dVYv+f0QVixl+h7PqZQJkQoCLyJrpsLgfr
648cxrBPXcQKajutAAt7u7G40UZlM82yip7Lbe3l1XrJxYE+zowdNdzUCKqWKUHD
nc7JlaPxb8D9CwXvP76gJHVxjp0VsTr6Ys0lXRJfxRgcJjZd0MJl84EqxCj5VxAG
X36i39RDvkIgAGF+jE0=
-----END CERTIFICATE-----

I created the certificate with common name 192.168.1.1 and my server listens to that IP address.

I’m running simple HTTPS server. I managed to connect the server(3-way handshake) but the session between my MBEDTLS client and the server fails at handshake phase( SSL/TLS handshake).

I’m attaching the LOG(level 3):

. Seeding the random number generator… ok
. Loading the CA root certificate … ok (0 skipped)
. Connecting to tcp/192.168.1.1/4443… ok
. Setting up the SSL/TLS structure… ok
. Performing the SSL/TLS handshake…ssl_tls.c:8084: => handshake
ssl_cli.c:3510: client state: 0
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_cli.c:3510: client state: 1
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_cli.c:0774: => write client hello
ssl_cli.c:0812: client hello, max version: [3:3]
ssl_cli.c:0703: client hello, current time: 25
ssl_cli.c:0821: dumping ‘client hello, random bytes’ (32 bytes)
ssl_cli.c:0821: 0000: 00 00 00 19 70 95 52 74 99 b1 66 f6 b6 51 d2 e7 …p.Rt…f…Q…
ssl_cli.c:0821: 0010: 46 b8 f5 e7 c2 de 08 13 91 c8 c5 56 f1 03 4a 66 F…V…Jf
ssl_cli.c:0874: client hello, session id len.: 0
ssl_cli.c:0875: dumping ‘client hello, session id’ (0 bytes)
ssl_cli.c:0922: client hello, add ciphersuite: cca8
ssl_cli.c:0922: client hello, add ciphersuite: cca9
ssl_cli.c:0922: client hello, add ciphersuite: ccaa
ssl_cli.c:0922: client hello, add ciphersuite: c02c
ssl_cli.c:0922: client hello, add ciphersuite: c030
ssl_cli.c:0922: client hello, add ciphersuite: 009f
ssl_cli.c:0922: client hello, add ciphersuite: c0ad
ssl_cli.c:0922: client hello, add ciphersuite: c09f
ssl_cli.c:0922: client hello, add ciphersuite: c024
ssl_cli.c:0922: client hello, add ciphersuite: c028
ssl_cli.c:0922: client hello, add ciphersuite: 006b
ssl_cli.c:0922: client hello, add ciphersuite: c00a
ssl_cli.c:0922: client hello, add ciphersuite: c014
ssl_cli.c:0922: client hello, add ciphersuite: 0039
ssl_cli.c:0922: client hello, add ciphersuite: c0af
ssl_cli.c:0922: client hello, add ciphersuite: c0a3
ssl_cli.c:0922: client hello, add ciphersuite: c087
ssl_cli.c:0922: client hello, add ciphersuite: c08b
ssl_cli.c:0922: client hello, add ciphersuite: c07d
ssl_cli.c:0922: client hello, add ciphersuite: c073
ssl_cli.c:0922: client hello, add ciphersuite: c077
ssl_cli.c:0922: client hello, add ciphersuite: 00c4
ssl_cli.c:0922: client hello, add ciphersuite: 0088
ssl_cli.c:0922: client hello, add ciphersuite: c02b
ssl_cli.c:0922: client hello, add ciphersuite: c02f
ssl_cli.c:0922: client hello, add ciphersuite: 009e
ssl_cli.c:0922: client hello, add ciphersuite: c0ac
ssl_cli.c:0922: client hello, add ciphersuite: c09e
ssl_cli.c:0922: client hello, add ciphersuite: c023
ssl_cli.c:0922: client hello, add ciphersuite: c027
ssl_cli.c:0922: client hello, add ciphersuite: 0067
ssl_cli.c:0922: client hello, add ciphersuite: c009
ssl_cli.c:0922: client hello, add ciphersuite: c013
ssl_cli.c:0922: client hello, add ciphersuite: 0033
ssl_cli.c:0922: client hello, add ciphersuite: c0ae
ssl_cli.c:0922: client hello, add ciphersuite: c0a2
ssl_cli.c:0922: client hello, add ciphersuite: c086
ssl_cli.c:0922: client hello, add ciphersuite: c08a
ssl_cli.c:0922: client hello, add ciphersuite: c07c
ssl_cli.c:0922: client hello, add ciphersuite: c072
ssl_cli.c:0922: client hello, add ciphersuite: c076
ssl_cli.c:0922: client hello, add ciphersuite: 00be
ssl_cli.c:0922: client hello, add ciphersuite: 0045
ssl_cli.c:0922: client hello, add ciphersuite: ccac
ssl_cli.c:0922: client hello, add ciphersuite: ccad
ssl_cli.c:0922: client hello, add ciphersuite: 00ab
ssl_cli.c:0922: client hello, add ciphersuite: c0a7
ssl_cli.c:0922: client hello, add ciphersuite: c038
ssl_cli.c:0922: client hello, add ciphersuite: 00b3
ssl_cli.c:0922: client hello, add ciphersuite: c036
ssl_cli.c:0922: client hello, add ciphersuite: 0091
ssl_cli.c:0922: client hello, add ciphersuite: c091
ssl_cli.c:0922: client hello, add ciphersuite: c09b
ssl_cli.c:0922: client hello, add ciphersuite: c097
ssl_cli.c:0922: client hello, add ciphersuite: c0ab
ssl_cli.c:0922: client hello, add ciphersuite: 00aa
ssl_cli.c:0922: client hello, add ciphersuite: c0a6
ssl_cli.c:0922: client hello, add ciphersuite: c037
ssl_cli.c:0922: client hello, add ciphersuite: 00b2
ssl_cli.c:0922: client hello, add ciphersuite: c035
ssl_cli.c:0922: client hello, add ciphersuite: 0090
ssl_cli.c:0922: client hello, add ciphersuite: c090
ssl_cli.c:0922: client hello, add ciphersuite: c096
ssl_cli.c:0922: client hello, add ciphersuite: c09a
ssl_cli.c:0922: client hello, add ciphersuite: c0aa
ssl_cli.c:0922: client hello, add ciphersuite: 009d
ssl_cli.c:0922: client hello, add ciphersuite: c09d
ssl_cli.c:0922: client hello, add ciphersuite: 003d
ssl_cli.c:0922: client hello, add ciphersuite: 0035
ssl_cli.c:0922: client hello, add ciphersuite: c032
ssl_cli.c:0922: client hello, add ciphersuite: c02a
ssl_cli.c:0922: client hello, add ciphersuite: c00f
ssl_cli.c:0922: client hello, add ciphersuite: c02e
ssl_cli.c:0922: client hello, add ciphersuite: c026
ssl_cli.c:0922: client hello, add ciphersuite: c005
ssl_cli.c:0922: client hello, add ciphersuite: c0a1
ssl_cli.c:0922: client hello, add ciphersuite: c07b
ssl_cli.c:0922: client hello, add ciphersuite: 00c0
ssl_cli.c:0922: client hello, add ciphersuite: 0084
ssl_cli.c:0922: client hello, add ciphersuite: c08d
ssl_cli.c:0922: client hello, add ciphersuite: c079
ssl_cli.c:0922: client hello, add ciphersuite: c089
ssl_cli.c:0922: client hello, add ciphersuite: c075
ssl_cli.c:0922: client hello, add ciphersuite: 009c
ssl_cli.c:0922: client hello, add ciphersuite: c09c
ssl_cli.c:0922: client hello, add ciphersuite: 003c
ssl_cli.c:0922: client hello, add ciphersuite: 002f
ssl_cli.c:0922: client hello, add ciphersuite: c031
ssl_cli.c:0922: client hello, add ciphersuite: c029
ssl_cli.c:0922: client hello, add ciphersuite: c00e
ssl_cli.c:0922: client hello, add ciphersuite: c02d
ssl_cli.c:0922: client hello, add ciphersuite: c025
ssl_cli.c:0922: client hello, add ciphersuite: c004
ssl_cli.c:0922: client hello, add ciphersuite: c0a0
ssl_cli.c:0922: client hello, add ciphersuite: c07a
ssl_cli.c:0922: client hello, add ciphersuite: 00ba
ssl_cli.c:0922: client hello, add ciphersuite: 0041
ssl_cli.c:0922: client hello, add ciphersuite: c08c
ssl_cli.c:0922: client hello, add ciphersuite: c078
ssl_cli.c:0922: client hello, add ciphersuite: c088
ssl_cli.c:0922: client hello, add ciphersuite: c074
ssl_cli.c:0922: client hello, add ciphersuite: ccae
ssl_cli.c:0922: client hello, add ciphersuite: 00ad
ssl_cli.c:0922: client hello, add ciphersuite: 00b7
ssl_cli.c:0922: client hello, add ciphersuite: 0095
ssl_cli.c:0922: client hello, add ciphersuite: c093
ssl_cli.c:0922: client hello, add ciphersuite: c099
ssl_cli.c:0922: client hello, add ciphersuite: 00ac
ssl_cli.c:0922: client hello, add ciphersuite: 00b6
ssl_cli.c:0922: client hello, add ciphersuite: 0094
ssl_cli.c:0922: client hello, add ciphersuite: c092
ssl_cli.c:0922: client hello, add ciphersuite: c098
ssl_cli.c:0922: client hello, add ciphersuite: ccab
ssl_cli.c:0922: client hello, add ciphersuite: 00a9
ssl_cli.c:0922: client hello, add ciphersuite: c0a5
ssl_cli.c:0922: client hello, add ciphersuite: 00af
ssl_cli.c:0922: client hello, add ciphersuite: 008d
ssl_cli.c:0922: client hello, add ciphersuite: c08f
ssl_cli.c:0922: client hello, add ciphersuite: c095
ssl_cli.c:0922: client hello, add ciphersuite: c0a9
ssl_cli.c:0922: client hello, add ciphersuite: 00a8
ssl_cli.c:0922: client hello, add ciphersuite: c0a4
ssl_cli.c:0922: client hello, add ciphersuite: 00ae
ssl_cli.c:0922: client hello, add ciphersuite: 008c
ssl_cli.c:0922: client hello, add ciphersuite: c08e
ssl_cli.c:0922: client hello, add ciphersuite: c094
ssl_cli.c:0922: client hello, add ciphersuite: c0a8
ssl_cli.c:0934: client hello, got 127 ciphersuites (excluding SCSVs)
ssl_cli.c:0943: adding EMPTY_RENEGOTIATION_INFO_SCSV
ssl_cli.c:0992: client hello, compress len.: 1
ssl_cli.c:0994: client hello, compress alg.: 0
ssl_cli.c:0069: client hello, adding server name extension: 192.168.1.1
ssl_cli.c:0186: client hello, adding signature_algorithms extension
ssl_cli.c:0271: client hello, adding supported_elliptic_curves extension
ssl_cli.c:0336: client hello, adding supported_point_formats extension
ssl_cli.c:0518: client hello, adding encrypt_then_mac extension
ssl_cli.c:0552: client hello, adding extended_master_secret extension
ssl_cli.c:0585: client hello, adding session ticket extension
ssl_cli.c:1071: client hello, total extension length: 92
ssl_tls.c:3184: => write handshake message
ssl_tls.c:3343: => write record
ssl_tls.c:3423: output record: msgtype = 22, version = [3:1], msglen = 393
ssl_tls.c:2755: => flush output
ssl_tls.c:2774: message length: 398, out_left: 398
ssl_tls.c:2779: ssl->f_send() returned 398 (-0xfffffe72)
ssl_tls.c:2807: <= flush output
ssl_tls.c:3476: <= write record
ssl_tls.c:3320: <= write handshake message
ssl_cli.c:1106: <= write client hello
ssl_cli.c:3510: client state: 2
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_cli.c:1499: => parse server hello
ssl_tls.c:4311: => read record
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 0, nb_want: 5
ssl_tls.c:2721: in_left: 0, nb_want: 5
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:4056: input record: msgtype = 22, version = [3:3], msglen = 61
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 5, nb_want: 66
ssl_tls.c:2721: in_left: 5, nb_want: 66
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 61 (-0xffffffc3)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:3626: handshake message: msglen = 61, type = 2, hslen = 61
ssl_tls.c:4385: <= read record
ssl_cli.c:1579: dumping ‘server hello, version’ (2 bytes)
ssl_cli.c:1579: 0000: 03 03 …
ssl_cli.c:1604: server hello, current time: 1782968025
ssl_cli.c:1610: dumping ‘server hello, random bytes’ (32 bytes)
ssl_cli.c:1610: 0000: 6a 45 ee d9 71 b9 45 ca af 03 90 1d 87 d9 3d 94 jE…q.E…=.
ssl_cli.c:1610: 0010: a7 26 a7 e8 14 66 0b 1a 6d 1a 74 16 ff 33 ec 46 .&…f…m.t…3.F
ssl_cli.c:1690: server hello, session id len.: 0
ssl_cli.c:1691: dumping ‘server hello, session id’ (0 bytes)
ssl_cli.c:1729: no session has been resumed
ssl_cli.c:1731: server hello, chosen ciphersuite: c030
ssl_cli.c:1732: server hello, compress alg.: 0
ssl_cli.c:1764: server hello, chosen ciphersuite: TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
ssl_cli.c:1789: server hello, total extension length: 17
ssl_cli.c:1809: found renegotiation extension
ssl_cli.c:1888: found supported_point_formats extension
ssl_cli.c:1874: found session_ticket extension
ssl_cli.c:1978: <= parse server hello
ssl_cli.c:3510: client state: 3
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_tls.c:5655: => parse certificate
ssl_tls.c:4311: => read record
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 0, nb_want: 5
ssl_tls.c:2721: in_left: 0, nb_want: 5
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:4056: input record: msgtype = 22, version = [3:3], msglen = 1032
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 5, nb_want: 1037
ssl_tls.c:2721: in_left: 5, nb_want: 1037
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 1032 (-0xfffffbf8)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:3626: handshake message: msglen = 1032, type = 11, hslen = 1032
ssl_tls.c:4385: <= read record
ssl_tls.c:5606: peer certificate #1:
ssl_tls.c:5606: cert. version : 3
ssl_tls.c:5606: serial number : BD:3F:53:EE:8D:36:F2:7E
ssl_tls.c:5606: issuer name : C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=192.168.1.1
ssl_tls.c:5606: subject name : C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=192.168.1.1
ssl_tls.c:5606: issued on : 2019-05-01 15:28:08
ssl_tls.c:5606: expires on : 2022-02-18 15:28:08
ssl_tls.c:5606: signed using : RSA with SHA-256
ssl_tls.c:5606: RSA key size : 2048 bits
ssl_tls.c:5606: basic constraints : CA=true
ssl_tls.c:5606: value of ‘crt->rsa.N’ (2048 bits) is:
ssl_tls.c:5606: de e2 00 8a c6 a9 f6 81 a2 40 03 a2 02 b1 46 8b
ssl_tls.c:5606: 4e 8e 1e d9 fe e9 3e 6e 6b 05 23 6b c2 fa 82 4c
ssl_tls.c:5606: 21 8e 36 ea a2 ca 5f c6 cf 9b e0 14 f8 cd 61 94
ssl_tls.c:5606: ea b6 6a 84 a2 b0 d2 43 43 8c b3 55 22 8c f7 3f
ssl_tls.c:5606: 81 09 f8 93 ce af b3 69 21 2a 01 66 42 51 dc 91
ssl_tls.c:5606: 86 fd 78 4e 86 f7 4e 98 63 94 25 b5 b9 5b fc e6
ssl_tls.c:5606: 98 dd 72 df f7 8b c9 fc 29 64 ee 42 82 36 a5 2f
ssl_tls.c:5606: ab 3a 73 d8 d3 4b 83 f7 cd d9 8e a2 4a a4 63 30
ssl_tls.c:5606: 05 af fd c7 15 77 ab 8d ae cf 9f ea 7f 70 d3 7f
ssl_tls.c:5606: ac f9 27 1e dc 1a 42 db 94 87 74 e8 af 35 d4 75
ssl_tls.c:5606: 13 ab df 06 20 90 35 20 d6 a9 8e 73 d4 bc b6 26
ssl_tls.c:5606: af 02 b1 7b d8 8a fc 63 4e a8 d4 40 00 ab 4d 68
ssl_tls.c:5606: c2 2b 0a 58 82 ff 31 fb db 7c 32 f3 ed 10 f9 c1
ssl_tls.c:5606: 4f 94 d9 8b a3 4a 5b 7b 97 51 1b b6 04 a8 3a d9
ssl_tls.c:5606: 4d 04 4c f7 51 7a e5 cd ab 71 ad 46 83 f4 82 91
ssl_tls.c:5606: 63 3c 09 59 93 33 c0 32 8d e0 84 fc 09 7b 5d ad
ssl_tls.c:5606: value of ‘crt->rsa.E’ (17 bits) is:
ssl_tls.c:5606: 01 00 01
ssl_tls.c:5757: x509_verify_cert() returned -9984 (-0x2700)
ssl_tls.c:5250: => send alert message
ssl_tls.c:5251: send alert level=2 message=46
ssl_tls.c:3343: => write record
ssl_tls.c:3423: output record: msgtype = 21, version = [3:3], msglen = 2
ssl_tls.c:2755: => flush output
ssl_tls.c:2774: message length: 7, out_left: 7
ssl_tls.c:2779: ssl->f_send() returned 7 (-0xfffffff9)
ssl_tls.c:2807: <= flush output
ssl_tls.c:3476: <= write record
ssl_tls.c:5263: <= send alert message
ssl_tls.c:5852: ! Certificate verification flags 200
ssl_tls.c:5863: <= parse certificate
ssl_tls.c:8094: <= handshake
failed
! mbedtls_ssl_handshake returned -0x2700

Last error was: -9984 - X509 - Certificate verification failed, e.g. CRL, CA or signature check failed

ssl_tls.c:8934: => free
ssl_tls.c:8999: <= free

What do you think could be the problem ? if you need anymore details, please let me know.

Thanks, Dekel

2

Not an expert here but I think you need ECC certificate since both sides agree on ECDHE cipher suite. You can also limit the available cipher suites to not support ECC.

3

Thx for replaying. I tried to use a self signed ECC certificate generated by OpenSSL tool with common name 192.168.1.1. Verification also failed. Here’s the log:

. Seeding the random number generator… ok
. Loading the CA root certificate … ok (0 skipped)
. Connecting to tcp/192.168.1.1/4443… ok
. Setting up the SSL/TLS structure… ok
. Performing the SSL/TLS handshake…ssl_tls.c:8084: => handshake
ssl_cli.c:3510: client state: 0
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_cli.c:3510: client state: 1
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_cli.c:0774: => write client hello
ssl_cli.c:0812: client hello, max version: [3:3]
ssl_cli.c:0703: client hello, current time: 25
ssl_cli.c:0821: dumping ‘client hello, random bytes’ (32 bytes)
ssl_cli.c:0821: 0000: 00 00 00 19 70 95 52 74 99 b1 66 f6 b6 51 d2 e7 …p.Rt…f…Q…
ssl_cli.c:0821: 0010: 46 b8 f5 e7 c2 de 08 13 91 c8 c5 56 f1 03 4a 66 F…V…Jf
ssl_cli.c:0874: client hello, session id len.: 0
ssl_cli.c:0875: dumping ‘client hello, session id’ (0 bytes)
ssl_cli.c:0922: client hello, add ciphersuite: cca8
ssl_cli.c:0922: client hello, add ciphersuite: cca9
ssl_cli.c:0922: client hello, add ciphersuite: ccaa
ssl_cli.c:0922: client hello, add ciphersuite: c02c
ssl_cli.c:0922: client hello, add ciphersuite: c030
ssl_cli.c:0922: client hello, add ciphersuite: 009f
ssl_cli.c:0922: client hello, add ciphersuite: c0ad
ssl_cli.c:0922: client hello, add ciphersuite: c09f
ssl_cli.c:0922: client hello, add ciphersuite: c024
ssl_cli.c:0922: client hello, add ciphersuite: c028
ssl_cli.c:0922: client hello, add ciphersuite: 006b
ssl_cli.c:0922: client hello, add ciphersuite: c00a
ssl_cli.c:0922: client hello, add ciphersuite: c014
ssl_cli.c:0922: client hello, add ciphersuite: 0039
ssl_cli.c:0922: client hello, add ciphersuite: c0af
ssl_cli.c:0922: client hello, add ciphersuite: c0a3
ssl_cli.c:0922: client hello, add ciphersuite: c087
ssl_cli.c:0922: client hello, add ciphersuite: c08b
ssl_cli.c:0922: client hello, add ciphersuite: c07d
ssl_cli.c:0922: client hello, add ciphersuite: c073
ssl_cli.c:0922: client hello, add ciphersuite: c077
ssl_cli.c:0922: client hello, add ciphersuite: 00c4
ssl_cli.c:0922: client hello, add ciphersuite: 0088
ssl_cli.c:0922: client hello, add ciphersuite: c02b
ssl_cli.c:0922: client hello, add ciphersuite: c02f
ssl_cli.c:0922: client hello, add ciphersuite: 009e
ssl_cli.c:0922: client hello, add ciphersuite: c0ac
ssl_cli.c:0922: client hello, add ciphersuite: c09e
ssl_cli.c:0922: client hello, add ciphersuite: c023
ssl_cli.c:0922: client hello, add ciphersuite: c027
ssl_cli.c:0922: client hello, add ciphersuite: 0067
ssl_cli.c:0922: client hello, add ciphersuite: c009
ssl_cli.c:0922: client hello, add ciphersuite: c013
ssl_cli.c:0922: client hello, add ciphersuite: 0033
ssl_cli.c:0922: client hello, add ciphersuite: c0ae
ssl_cli.c:0922: client hello, add ciphersuite: c0a2
ssl_cli.c:0922: client hello, add ciphersuite: c086
ssl_cli.c:0922: client hello, add ciphersuite: c08a
ssl_cli.c:0922: client hello, add ciphersuite: c07c
ssl_cli.c:0922: client hello, add ciphersuite: c072
ssl_cli.c:0922: client hello, add ciphersuite: c076
ssl_cli.c:0922: client hello, add ciphersuite: 00be
ssl_cli.c:0922: client hello, add ciphersuite: 0045
ssl_cli.c:0922: client hello, add ciphersuite: ccac
ssl_cli.c:0922: client hello, add ciphersuite: ccad
ssl_cli.c:0922: client hello, add ciphersuite: 00ab
ssl_cli.c:0922: client hello, add ciphersuite: c0a7
ssl_cli.c:0922: client hello, add ciphersuite: c038
ssl_cli.c:0922: client hello, add ciphersuite: 00b3
ssl_cli.c:0922: client hello, add ciphersuite: c036
ssl_cli.c:0922: client hello, add ciphersuite: 0091
ssl_cli.c:0922: client hello, add ciphersuite: c091
ssl_cli.c:0922: client hello, add ciphersuite: c09b
ssl_cli.c:0922: client hello, add ciphersuite: c097
ssl_cli.c:0922: client hello, add ciphersuite: c0ab
ssl_cli.c:0922: client hello, add ciphersuite: 00aa
ssl_cli.c:0922: client hello, add ciphersuite: c0a6
ssl_cli.c:0922: client hello, add ciphersuite: c037
ssl_cli.c:0922: client hello, add ciphersuite: 00b2
ssl_cli.c:0922: client hello, add ciphersuite: c035
ssl_cli.c:0922: client hello, add ciphersuite: 0090
ssl_cli.c:0922: client hello, add ciphersuite: c090
ssl_cli.c:0922: client hello, add ciphersuite: c096
ssl_cli.c:0922: client hello, add ciphersuite: c09a
ssl_cli.c:0922: client hello, add ciphersuite: c0aa
ssl_cli.c:0922: client hello, add ciphersuite: 009d
ssl_cli.c:0922: client hello, add ciphersuite: c09d
ssl_cli.c:0922: client hello, add ciphersuite: 003d
ssl_cli.c:0922: client hello, add ciphersuite: 0035
ssl_cli.c:0922: client hello, add ciphersuite: c032
ssl_cli.c:0922: client hello, add ciphersuite: c02a
ssl_cli.c:0922: client hello, add ciphersuite: c00f
ssl_cli.c:0922: client hello, add ciphersuite: c02e
ssl_cli.c:0922: client hello, add ciphersuite: c026
ssl_cli.c:0922: client hello, add ciphersuite: c005
ssl_cli.c:0922: client hello, add ciphersuite: c0a1
ssl_cli.c:0922: client hello, add ciphersuite: c07b
ssl_cli.c:0922: client hello, add ciphersuite: 00c0
ssl_cli.c:0922: client hello, add ciphersuite: 0084
ssl_cli.c:0922: client hello, add ciphersuite: c08d
ssl_cli.c:0922: client hello, add ciphersuite: c079
ssl_cli.c:0922: client hello, add ciphersuite: c089
ssl_cli.c:0922: client hello, add ciphersuite: c075
ssl_cli.c:0922: client hello, add ciphersuite: 009c
ssl_cli.c:0922: client hello, add ciphersuite: c09c
ssl_cli.c:0922: client hello, add ciphersuite: 003c
ssl_cli.c:0922: client hello, add ciphersuite: 002f
ssl_cli.c:0922: client hello, add ciphersuite: c031
ssl_cli.c:0922: client hello, add ciphersuite: c029
ssl_cli.c:0922: client hello, add ciphersuite: c00e
ssl_cli.c:0922: client hello, add ciphersuite: c02d
ssl_cli.c:0922: client hello, add ciphersuite: c025
ssl_cli.c:0922: client hello, add ciphersuite: c004
ssl_cli.c:0922: client hello, add ciphersuite: c0a0
ssl_cli.c:0922: client hello, add ciphersuite: c07a
ssl_cli.c:0922: client hello, add ciphersuite: 00ba
ssl_cli.c:0922: client hello, add ciphersuite: 0041
ssl_cli.c:0922: client hello, add ciphersuite: c08c
ssl_cli.c:0922: client hello, add ciphersuite: c078
ssl_cli.c:0922: client hello, add ciphersuite: c088
ssl_cli.c:0922: client hello, add ciphersuite: c074
ssl_cli.c:0922: client hello, add ciphersuite: ccae
ssl_cli.c:0922: client hello, add ciphersuite: 00ad
ssl_cli.c:0922: client hello, add ciphersuite: 00b7
ssl_cli.c:0922: client hello, add ciphersuite: 0095
ssl_cli.c:0922: client hello, add ciphersuite: c093
ssl_cli.c:0922: client hello, add ciphersuite: c099
ssl_cli.c:0922: client hello, add ciphersuite: 00ac
ssl_cli.c:0922: client hello, add ciphersuite: 00b6
ssl_cli.c:0922: client hello, add ciphersuite: 0094
ssl_cli.c:0922: client hello, add ciphersuite: c092
ssl_cli.c:0922: client hello, add ciphersuite: c098
ssl_cli.c:0922: client hello, add ciphersuite: ccab
ssl_cli.c:0922: client hello, add ciphersuite: 00a9
ssl_cli.c:0922: client hello, add ciphersuite: c0a5
ssl_cli.c:0922: client hello, add ciphersuite: 00af
ssl_cli.c:0922: client hello, add ciphersuite: 008d
ssl_cli.c:0922: client hello, add ciphersuite: c08f
ssl_cli.c:0922: client hello, add ciphersuite: c095
ssl_cli.c:0922: client hello, add ciphersuite: c0a9
ssl_cli.c:0922: client hello, add ciphersuite: 00a8
ssl_cli.c:0922: client hello, add ciphersuite: c0a4
ssl_cli.c:0922: client hello, add ciphersuite: 00ae
ssl_cli.c:0922: client hello, add ciphersuite: 008c
ssl_cli.c:0922: client hello, add ciphersuite: c08e
ssl_cli.c:0922: client hello, add ciphersuite: c094
ssl_cli.c:0922: client hello, add ciphersuite: c0a8
ssl_cli.c:0934: client hello, got 127 ciphersuites (excluding SCSVs)
ssl_cli.c:0943: adding EMPTY_RENEGOTIATION_INFO_SCSV
ssl_cli.c:0992: client hello, compress len.: 1
ssl_cli.c:0994: client hello, compress alg.: 0
ssl_cli.c:0069: client hello, adding server name extension: 192.168.1.1
ssl_cli.c:0186: client hello, adding signature_algorithms extension
ssl_cli.c:0271: client hello, adding supported_elliptic_curves extension
ssl_cli.c:0336: client hello, adding supported_point_formats extension
ssl_cli.c:0518: client hello, adding encrypt_then_mac extension
ssl_cli.c:0552: client hello, adding extended_master_secret extension
ssl_cli.c:0585: client hello, adding session ticket extension
ssl_cli.c:1071: client hello, total extension length: 92
ssl_tls.c:3184: => write handshake message
ssl_tls.c:3343: => write record
ssl_tls.c:3423: output record: msgtype = 22, version = [3:1], msglen = 393
ssl_tls.c:2755: => flush output
ssl_tls.c:2774: message length: 398, out_left: 398
ssl_tls.c:2779: ssl->f_send() returned 398 (-0xfffffe72)
ssl_tls.c:2807: <= flush output
ssl_tls.c:3476: <= write record
ssl_tls.c:3320: <= write handshake message
ssl_cli.c:1106: <= write client hello
ssl_cli.c:3510: client state: 2
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_cli.c:1499: => parse server hello
ssl_tls.c:4311: => read record
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 0, nb_want: 5
ssl_tls.c:2721: in_left: 0, nb_want: 5
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:4056: input record: msgtype = 22, version = [3:3], msglen = 61
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 5, nb_want: 66
ssl_tls.c:2721: in_left: 5, nb_want: 66
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 61 (-0xffffffc3)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:3626: handshake message: msglen = 61, type = 2, hslen = 61
ssl_tls.c:4385: <= read record
ssl_cli.c:1579: dumping ‘server hello, version’ (2 bytes)
ssl_cli.c:1579: 0000: 03 03 …
ssl_cli.c:1604: server hello, current time: 3868897763
ssl_cli.c:1610: dumping ‘server hello, random bytes’ (32 bytes)
ssl_cli.c:1610: 0000: e6 9a b1 e3 f6 81 4e 48 01 98 cb 85 c3 52 e5 8b …NH…R…
ssl_cli.c:1610: 0010: 45 70 b7 d3 eb 3f 9b a5 57 3a 03 eb 57 b7 68 e9 Ep…?..W:…W.h.
ssl_cli.c:1690: server hello, session id len.: 0
ssl_cli.c:1691: dumping ‘server hello, session id’ (0 bytes)
ssl_cli.c:1729: no session has been resumed
ssl_cli.c:1731: server hello, chosen ciphersuite: c02c
ssl_cli.c:1732: server hello, compress alg.: 0
ssl_cli.c:1764: server hello, chosen ciphersuite: TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384
ssl_cli.c:1789: server hello, total extension length: 17
ssl_cli.c:1809: found renegotiation extension
ssl_cli.c:1888: found supported_point_formats extension
ssl_cli.c:1874: found session_ticket extension
ssl_cli.c:1978: <= parse server hello
ssl_cli.c:3510: client state: 3
ssl_tls.c:2755: => flush output
ssl_tls.c:2767: <= flush output
ssl_tls.c:5655: => parse certificate
ssl_tls.c:4311: => read record
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 0, nb_want: 5
ssl_tls.c:2721: in_left: 0, nb_want: 5
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:4056: input record: msgtype = 22, version = [3:3], msglen = 635
ssl_tls.c:2536: => fetch input
ssl_tls.c:2697: in_left: 5, nb_want: 640
ssl_tls.c:2721: in_left: 5, nb_want: 640
ssl_tls.c:2722: ssl->f_recv(_timeout)() returned 635 (-0xfffffd85)
ssl_tls.c:2742: <= fetch input
ssl_tls.c:3626: handshake message: msglen = 635, type = 11, hslen = 635
ssl_tls.c:4385: <= read record
ssl_tls.c:5606: peer certificate #1:
ssl_tls.c:5606: cert. version : 3
ssl_tls.c:5606: serial number : CF:89:50:44:01:6E:C4:A2
ssl_tls.c:5606: issuer name : C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=192.168.1.1
ssl_tls.c:5606: subject name : C=AU, ST=Some-State, O=Internet Widgits Pty Ltd, CN=192.168.1.1
ssl_tls.c:5606: issued on : 2019-05-02 08:34:10
ssl_tls.c:5606: expires on : 2020-05-01 08:34:10
ssl_tls.c:5606: signed using : ECDSA with SHA1
ssl_tls.c:5606: EC key size : 256 bits
ssl_tls.c:5606: basic constraints : CA=true
ssl_tls.c:5606: value of ‘crt->eckey.Q(X)’ (253 bits) is:
ssl_tls.c:5606: 14 cd 97 cc 65 f6 51 09 02 41 49 f0 6f 99 4a 13
ssl_tls.c:5606: f5 fd 12 f6 fc 3a 3d a1 e9 da 00 fa 5d 14 fb de
ssl_tls.c:5606: value of ‘crt->eckey.Q(Y)’ (253 bits) is:
ssl_tls.c:5606: 1e be f2 07 df 3a 03 b2 d8 b4 35 77 12 bf 2a 17
ssl_tls.c:5606: 57 f4 0a f5 5e e7 c9 ab bd 64 9e 0b 5d 79 3e 9a
ssl_tls.c:5757: x509_verify_cert() returned -9984 (-0x2700)
ssl_tls.c:5250: => send alert message
ssl_tls.c:5251: send alert level=2 message=46
ssl_tls.c:3343: => write record
ssl_tls.c:3423: output record: msgtype = 21, version = [3:3], msglen = 2
ssl_tls.c:2755: => flush output
ssl_tls.c:2774: message length: 7, out_left: 7
ssl_tls.c:2779: ssl->f_send() returned 7 (-0xfffffff9)
ssl_tls.c:2807: <= flush output
ssl_tls.c:3476: <= write record
ssl_tls.c:5263: <= send alert message
ssl_tls.c:5852: ! Certificate verification flags 4200
ssl_tls.c:5863: <= parse certificate
ssl_tls.c:8094: <= handshake
failed
! mbedtls_ssl_handshake returned -0x2700

Last error was: -9984 - X509 - Certificate verification failed, e.g. CRL, CA or signature check failed

ssl_tls.c:8934: => free
ssl_tls.c:8999: <= free

I would really appreciate any help.

4

Hi @revertigo
Thank you for your question!

If you look at the certificate verification flags on both your ccases, you will see the following:

ssl_tls.c:5852: ! Certificate verification flags 200

and

ssl_tls.c:5852: ! Certificate verification flags 4200

You will see here the following definitions:

#define MBEDTLS_X509_BADCERT_FUTURE            0x0200  /**< The certificate validity starts in the future. */
#define MBEDTLS_X509_BADCERT_BAD_MD            0x4000  /**< The certificate is signed with an unacceptable hash. */

The two certificates are valid from 1/5 and 2/5. You should check your platform’s clock.
As for your ECC certificate, it is signed using : ECDSA with SHA1.
You should check if you have both MBEDTLS_SHA1_C and MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES defined in your configuration.
Regards,
Mbed TLS Team member
Ron

1 Like
5

Thanks for replaying, it was helpful !