-
Notifications
You must be signed in to change notification settings - Fork 157
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mbedtls_x509_crt_parse returned -0x2180 (CA-293) #183
Comments
hi @zhichunlee , Did you found a solution? |
Bumped this submodule of our repo to newer release and having the same behaviour. Tested certificates with older project and working just fine :( |
hi Stencht |
Having the exact same problem, good to know that it was already reported, but concerning that the issue is not being looked at. |
This issue is due the absence of certificate length definitions, now the length must passed afterwards the certificate in the network contex structure. Somewhere in the examples a certificate is defined in the code and its length passed to the netwrok context. |
@aidiaz I'm having exact same issue. I noticed that the null termination appears to be missing when I retrieve the cert from NVS. I'm needing to add + 1 onto the len of any string pulled out of nvs... And now it works. NB, I get the endpoint and rootCA from local binary files.
On the downside, I immediately run into another error. But that's generally how it works, isn't it?!
|
I am using the 202210.01-LTS version and facing the same errors, when trying to run the examples/mqtt/tls_mutual_auth example. |
I'm having the same problem when I'm running the examples/mqtt/mqtt_demo_mutual_auth under the master branch. |
Hi
I used thing_shadow example of esp-aws-iot-202210.01-LTS-release to connect AWS IoT, and got follows error info:
esp-tls-mbedtls: mbedtls_x509_crt_parse returned -0x2180
esp-tls-mbedtls: Failed to set client pki context
esp-tls-mbedtls: Failed to set client configurations, returned [0x8015] (ESP_ERR_MBEDTLS_X509_CRT_PARSE_FAILED)
The Root CA certificate and client key are downloaded from AWS and worked in old version SDK(perhapse 202203).
Why can't these certificates and keys work with the latest SDK? What are the differences in certificate and Key management between the latest SDK and the previous version?How do I apply the certificate and key obtained from the SDK of an earlier version to the latest version?
The text was updated successfully, but these errors were encountered: