cancel
Showing results for 
Search instead for 
Did you mean: 

Not able to handshake with firabase and azure servers with wolfssl

shameem_emcus
Associate

I am working on a project using the STM32F207ZG (NUCLEO-F207ZG) microcontroller with FreeRTOS, LwIP (Ethernet), and wolfSSL to communicate securely with cloud servers over HTTPS. I am able to successfully perform a TLS handshake and communicate with an AWS server by loading the Amazon Root CA 1 certificate—everything works as expected in this case. However, when I attempt to connect to a Firebase server using the corresponding root certificate, the TLS handshake fails with error code -188, which corresponds to ASN_NO_SIGNER_E. I verified that the Firebase root certificate is valid by testing it with the wolfSSL example code on a PC, where it worked correctly, indicating the certificate itself is not the issue. I also encountered the same -188 error when trying to connect to an Azure server, again using the appropriate root certificate. This suggests the problem is specific to the STM32 + wolfSSL embedded environment. Since AWS, Firebase, and Azure all use similar TLS configurations and I am using the same STM32 firmware setup in each case, I am trying to understand why only the Firebase and Azure connections fail. I would greatly appreciate any insights or suggestions on whether this issue could be related to SNI support, certificate parsing limitations, cipher suite compatibility, or other wolfSSL or STM32-related configuration constraints.

1 REPLY 1
grd
ST Employee

Verifying the server trust chain can have different memory requirements, depending on the number and size of the certificates or on the cipher suites.

In addition to ensuring that the needed cipher suites are enabled, if not already done, you may want to check possible memory allocation/reallocation failures (cf. https://www.wolfssl.com/forums/topic1257-solved-unexpected-asnnosignere-error.html).