Arm Mbed and Pelion Device Management support forum

Ssl handshake error code classification

Is there a general way to determine if an error that occurs while establishing an SSL connection is the fault of the initiator or the acceptor? I am trying to build a server that accepts incoming SSL connections. When the handshake process throws an error, I’d like to be able to tell if it was caused by a server misconfiguration, so I can close the server, or by a misconfigured client, in which case I would just disconnect them and continue.

Hi @wkd
The only thing you can do is determine where the failure happened.
For example, if your remote peer sent a fatal alert, then the failure happened there, but it is most possibly that your end sent wrong information.
If on your side you get a failure, it could be either the remote peer sent wrong information, or you have some configuration issues.
Regards,
Mbed TLS Support
Ron