FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

cryptic console output for mbed TLS on B-L475E-IOT01A

Fanuc30
Associate II

‎2020-05-21 01:51 PM 

Setting the RTC from the network time.
Connecting to www.gandi.net at ipaddress: 151.101.37.103
200241d8 => C:\STM32CubeExpansion_Cloud_AWS_V1.4.0\Middlewares\Third_Party\mbedTLS\library\ssl_tls.c:4643: x509_verify_cert() returned -9984 (-0x2700)
 
Configuring the RTC from Date: Thu, 21 May 2020 20:41:55 GMT
 
*** Firmware version management ***
 
Press the BLUE user button within the next 5 seconds
to change the firmware version
AWS IoT SDK Version 3.0.1-
MQTT connection in progress:   Attempt 1/3 ...
2002c0b0 => C:\STM32CubeExpansion_Cloud_AWS_V1.4.0\Middlewares\Third_Party\mbedTLS\library\ssl_tls.c:3831: mbedtls_ssl_handle_message_type() returned -30848 (-0x7880)

Apart from the error message itself, how does mbed tls module know the file path?

Why is the file path not the one I used (I used version 1.5.1)?

What is the number 3831 in ssl_tls.c:3831?

Thanks!

0 Kudos
5 REPLIES 5
KnarfB
Principal III

‎2020-05-22 10:09 AM

> how does mbed tls module know the file path?

The path may be from debug info (in .elf) file or __FILE__ macro in source code.

> Why is the file path not the one I used (I used version 1.5.1)?

You probably linked and object file/library which was built in that path.

> What is the number 3831 in ssl_tls.c:3831?

It's the line number in the source code of ssl_tls.c. So you may look there and get a better idea about the error reasons.

Also the error numbers should help you identifying the root cause of the errors.

0 Kudos
Guillaume K
ST Employee

‎2020-05-28 02:03 AM

mbedTLS error number 0x7880 means the certificate is incorrect.

Did you enter correctly the AWS certificate and the device certificate during configuration phase ?

The AWS certificate is in Middlewares\Third_Party\AWS\certs\Amazon1_Comodo_Baltimore.crt

The device certificate is the one you get when you create a "thing" in AWS console (as described in user manual)

0 Kudos
Vkamm.1
Associate III

‎2022-01-20 02:46 PM

Hi @Fanuc30  were you able to connect to the aws using the ​BL475E-IOTA board

0 Kudos
Fanuc30
Associate II
In response to Vkamm.1

‎2022-01-21 12:27 AM

@Vkamm.1I had no problem at the end. I successfully connected. But not sure what was the “break thru�?. The root CA, AWS policy, correct date on the IOTA boarde (certificates do not work with random dates), string format of the keys in the C code?

Advise: try to connect a Pi with the same credentials first (name, private/public keypaire, public key of endpoint, rootCA and endpointURL). If that doesn’t work it will not work with the IOTA boarde either.

Excusé I could not be of more helpe.

0 Kudos
Vkamm.1
Associate III

‎2022-01-21 11:42 PM

Hi @Fanuc30 I was able to solve the issue. Thanks.

0 Kudos
Top