OTA failed with SSL verfication failed
Posted: Sat Jan 25, 2020 12:54 pm
Hi i am trying add ota support to firmware, while running code i get SSL verification failed
following is the log for same
My esp32 idf version is 3.2.2, and i am trying the example from the Luca tutorial repository , github link for project
I am very confused with SSL certificate, on my website i get Certificate and issuer certificate and private Key, i have no idea which to pass to esp32 for verification.
all the certificate and key are in created in a Base-64 based PEM format.
i try to validate certificate on online tool it showed valid but when i was trying with opnessl command it failed, so i think first i have to figure out valid certificate pass , need help in this
Regards
Sushant
following is the log for same
Code: Select all
[0;31mE (347490) esp-tls: mbedtls_ssl_handshake returned -0x2700[0m
[0;32mI (347490) esp-tls: Failed to verify peer certificate![0m
[0;32mI (347490) esp-tls: verification info: ! The certificate is not correctly signed by the trusted CA
[0m
[0;31mE (347500) esp-tls: Failed to open new connection[0m
[0;31mE (347510) TRANS_SSL: Failed to open a new connection[0m
[0;31mE (347510) HTTP_CLIENT: Connection failed, sock < 0[0m
[0;31mE (347520) esp_https_ota: Failed to open HTTP connection: ESP_ERR_HTTP_CONNECT[0m
OTA failed...Code: Select all
[0;32mI (30) boot: ESP-IDF v3.2.2-dirty 2nd stage bootloader[0m
[0;32mI (30) boot: compile time 17:08:19[0m
[0;32mI (30) boot: Enabling RNG early entropy source...[0m
[0;32mI (35) boot: SPI Speed : 40MHz[0m
[0;32mI (39) boot: SPI Mode : DIO[0m
[0;32mI (43) boot: SPI Flash Size : 4MB[0m
[0;32mI (48) boot: Partition Table:[0m
[0;32mI (51) boot: ## Label Usage Type ST Offset Length[0m
[0;32mI (58) boot: 0 nvs WiFi data 01 02 00009000 00006000[0m
[0;32mI (66) boot: 1 phy_init RF data 01 01 0000f000 00001000[0m
[0;32mI (73) boot: 2 factory factory app 00 00 00010000 00100000[0m
[0;32mI (81) boot: End of partition table[0mall the certificate and key are in created in a Base-64 based PEM format.
i try to validate certificate on online tool it showed valid but when i was trying with opnessl command it failed, so i think first i have to figure out valid certificate pass , need help in this
Regards
Sushant