example smtp_client gives certificate error -0x2700

Posted: Tue May 28, 2024 8:52 pm
by embed_hiker
I am simply trying to run the smtp_client example and I am getting an error for which I have not found a solution:
220 2.0.0 Ready to start TLS
I (7575) smtp_example: Performing the SSL/TLS handshake...
E (8365) smtp_example: mbedtls_ssl_handshake returned -0x2700
E (8365) smtp_example: Last error was: -0x2700 - X509 - Certificate verification failed, e.g. CRL, CA or signature check failed

It should be trying to connect to smtpauth.hosting.earthlink.net, which I routinely use with the Thunderbird email client. The example comes with a server_root_cert.pem file, but is that even relevant when I am just trying to connect as a client?

Re: example smtp_client gives certificate error -0x2700

Posted: Wed May 29, 2024 7:09 pm
by embed_hiker
I figured it out by reading the example source:
/**
 * Root cert for smtp.googlemail.com, taken from server_root_cert.pem
 *
 * The PEM file was extracted from the output of this command:
 * openssl s_client -showcerts -connect smtp.googlemail.com:587 -starttls smtp
 *
 * The CA root cert is the last cert given in the chain of certs.
 *
 * To embed it in the app binary, the PEM file is named
 * in the component.mk COMPONENT_EMBED_TXTFILES variable.
 */

I ran the openssl command above with smtpauth.hosting.earthlink.net:587 and replaced the server_root_cert.pem with the contents of the last certificate in the chain, rebuilt the project, and it worked all the way through.

I hope this helps someone else with this error.
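
The certificate replacement described in the post above, as an added example that is not part of the original thread or of the ESP-IDF example: it pulls the last PEM block out of `openssl s_client -showcerts` output and shows how to inspect it before embedding. The function names, the host `mail.example.test` and the sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example; function names and sample data are assumptions, not project code.

# fetch_chain HOST PORT: the command quoted from the example source (needs network).
fetch_chain() {
    openssl s_client -showcerts -connect "$1:$2" -starttls smtp </dev/null 2>/dev/null
}

# last_cert: read s_client output on stdin, print only the final PEM block.
# Exits non-zero when the input holds no certificate at all.
last_cert() {
    awk '
        /-----BEGIN CERTIFICATE-----/ { buf = ""; grab = 1 }
        grab                          { buf = buf $0 "\n" }
        /-----END CERTIFICATE-----/   { grab = 0; last = buf; n++ }
        END { if (n == 0) exit 1; printf "%s", last }
    '
}

# count_certs: number of certificates the server presented.
count_certs() { grep -c -e '-----BEGIN CERTIFICATE-----'; }

# describe_cert FILE: subject, issuer and SHA-256 fingerprint, for manual checking.
describe_cert() {
    openssl x509 -in "$1" -noout -subject -issuer -fingerprint -sha256
}

# Constructed s_client output; the PEM bodies are placeholders, not real certificates.
sample_output() {
    cat <<'EOF'
CONNECTED(00000003)
---
Certificate chain
 0 s:CN = mail.example.test
   i:CN = Example Intermediate CA
-----BEGIN CERTIFICATE-----
PLACEHOLDER-LEAF-NOT-A-REAL-CERT
-----END CERTIFICATE-----
 1 s:CN = Example Intermediate CA
   i:CN = Example Root CA
-----BEGIN CERTIFICATE-----
PLACEHOLDER-INTERMEDIATE-NOT-A-REAL-CERT
-----END CERTIFICATE-----
---
EOF
}

sample_output | last_cert   # offline demo on the constructed sample
# Real use (network):
#   fetch_chain smtpauth.hosting.earthlink.net 587 | last_cert > server_root_cert.pem
#   describe_cert server_root_cert.pem
```

If `describe_cert` reports a subject that differs from the issuer, the last certificate the server sent is an intermediate rather than a self-signed root. Compare the SHA-256 fingerprint with the one the CA publishes before embedding the file, since the chain comes from the very connection being authenticated.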