esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7F00

mmmunir966
Posts: 12
Joined: Tue Feb 08, 2022 2:02 pm

esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7F00

Postby mmmunir966 » Mon Nov 28, 2022 10:20 am

Hi,
I am trying to build https communication alongwith an I2C based RTC. I have integrated custom .pem files for SSL certificate verification. When the sensor is plugged out on I2C driver, the SSL communication works fine and data is transmitted successfuly to the server.
I am getting below errors when I connect the sensor on I2C port. I tried to change the SDA and SCL pins, but the issue remains the same. I earched for this issue on different forums but could not get even a single clue.
The errors are

Code: Select all

W (93495) HTTP_CLIENT: Setting https configs.
W (93505) HTTP_CLIENT: Setting config->use_global_ca_store.
E (93555) esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7F00
E (93555) esp-tls: create_ssl_handle failed
E (93555) esp-tls: Failed to open new connection
E (93565) TRANSPORT_BASE: Failed to open a new connection
E (93575) HTTP_CLIENT: Connection failed, sock < 0
I (93575) DataUploadClient: HTTP_EVENT_ERROR
E (93585) DataUploadClient: Error perform http request ESP_ERR_HTTP_CONNECT
I (93585) DataUploadClient: HTTP_EVENT_DISCONNECTED
I have configured the HTTPs as below.

Code: Select all

esp_http_client_config_t config = {
            .url = host_url.c_str(),
            .port = DEFAULT_SSL_PORT,
            .cert_pem = (const char *)tls_certificate_bundle,
            .cert_len = tls_certificate_bundle_size,
            .method = HTTP_METHOD_POST,
            .event_handler = _http_event_handler,
            .transport_type = HTTP_TRANSPORT_OVER_SSL,
            .use_global_ca_store = true,
        };

        esp_http_client_handle_t client = esp_http_client_init(&config);
        esp_http_client_set_header(client, "content-type", "application/x-protobuf");
        esp_http_client_set_post_field(client, post_data.c_str(), post_data.size());

        esp_err_t err;
        do
        {
            err = esp_http_client_perform(client);
        } while (err == ESP_ERR_HTTP_EAGAIN);

        if (err == ESP_OK)
        {
            ESP_LOGI(TAG, "HTTPS Status = %d, content_length = %d",
                     esp_http_client_get_status_code(client),
                     esp_http_client_get_content_length(client));
        }
        else
        {
            ESP_LOGE(TAG, "Error perform http request %s", esp_err_to_name(err));
        }
        esp_http_client_cleanup(client);
Any help would be much appreciated.

mmmunir966
Posts: 12
Joined: Tue Feb 08, 2022 2:02 pm

Re: esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7F00

Postby mmmunir966 » Mon Nov 28, 2022 12:53 pm

After doing some more experiments, It seems the issue with the heap memory. The call to perform data upload takes around 38Kb of heap memory, so when the available memory is less than 38kb, it fails to validate the SSL certificates.
The 2nd issue found is timeout. I have multiple tasks running and if context switching happens between the tasks, it gives timeout error.

mmmunir966
Posts: 12
Joined: Tue Feb 08, 2022 2:02 pm

Re: esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7F00

Postby mmmunir966 » Tue Nov 29, 2022 12:17 pm

Now, I am getting this error. Anyone please help.

Code: Select all

E (546560) esp-x509-crt-bundle: PK verify failed with error FFFFBD70
E (546560) esp-x509-crt-bundle: Failed to verify certificate
E (546560) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x3000
E (546570) esp-tls: Failed to open new connection
E (546570) TRANSPORT_BASE: Failed to open a new connection
E (546580) HTTP_CLIENT: Connection failed, sock < 0
I (546590) DataUploadClient: HTTP_EVENT_ERROR
E (546590) DataUploadClient: Error perform http request ESP_ERR_HTTP_CONNECT

Vikass
Posts: 1
Joined: Sat Sep 30, 2023 6:08 am

Re: esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7F00

Postby Vikass » Sat Sep 30, 2023 6:55 am

Hello @mmmunir966,

Has your issue been resolved?

I am trying to build MQTTS communication and encountered the same issue when connecting to MQTT over SSL.
  1. E (109296) esp-tls-mbedtls: mbedtls_ssl_setup returned -0x7f00
  2. E (109296) esp-tls: create_ssl_handle failed
  3. E (109296) esp-tls: Failed to open new connection
  4. E (109306) TRANS_SSL: Failed to open a new connection
  5. E (109316) MQTT_CLIENT: Error transport connect
Below are the details of my MQTTs structure:

Code: Select all

esp_mqtt_client_config_t mqtt_cfg = {
      .uri = "mqtts://mqtts.qwertytest.in:8883",
      .username = "test",
      .password = "test@123",
      .client_cert_pem = (const char *)client_pem_crt_start,
      .client_key_pem = (const char *)client_key_start,
      .cert_pem = (const char *)ca_pem_start,
  };
Any help would be greatly appreciated. :)

Who is online

Users browsing this forum: No registered users and 107 guests