OTA failed with SSL verfication failed

[ht_main1]

Hi i am trying add ota support to firmware, while running code i get SSL verification failed
following is the log for same

Code: Select all

[0;31mE (347490) esp-tls: mbedtls_ssl_handshake returned -0x2700[0m
[0;32mI (347490) esp-tls: Failed to verify peer certificate![0m
[0;32mI (347490) esp-tls: verification info:   ! The certificate is not correctly signed by the trusted CA
[0m
[0;31mE (347500) esp-tls: Failed to open new connection[0m
[0;31mE (347510) TRANS_SSL: Failed to open a new connection[0m
[0;31mE (347510) HTTP_CLIENT: Connection failed, sock < 0[0m
[0;31mE (347520) esp_https_ota: Failed to open HTTP connection: ESP_ERR_HTTP_CONNECT[0m
OTA failed...

My esp32 idf version is 3.2.2, and i am trying the example from the Luca tutorial repository , github link for project

Code: Select all

[0;32mI (30) boot: ESP-IDF v3.2.2-dirty 2nd stage bootloader[0m
[0;32mI (30) boot: compile time 17:08:19[0m
[0;32mI (30) boot: Enabling RNG early entropy source...[0m
[0;32mI (35) boot: SPI Speed      : 40MHz[0m
[0;32mI (39) boot: SPI Mode       : DIO[0m
[0;32mI (43) boot: SPI Flash Size : 4MB[0m
[0;32mI (48) boot: Partition Table:[0m
[0;32mI (51) boot: ## Label            Usage          Type ST Offset   Length[0m
[0;32mI (58) boot:  0 nvs              WiFi data        01 02 00009000 00006000[0m
[0;32mI (66) boot:  1 phy_init         RF data          01 01 0000f000 00001000[0m
[0;32mI (73) boot:  2 factory          factory app      00 00 00010000 00100000[0m
[0;32mI (81) boot: End of partition table[0m

I am very confused with SSL certificate, on my website i get Certificate and issuer certificate and private Key, i have no idea which to pass to esp32 for verification.
all the certificate and key are in created in a Base-64 based PEM format.

i try to validate certificate on online tool it showed valid but when i was trying with opnessl command it failed, so i think first i have to figure out valid certificate pass , need help in this

Regards
Sushant