1 Reply by ccww

(6 replies, posted in wolfSSL)

Added a bit more debug:

The type in the alert message is 47. (Illegal parameter: A field in the handshake was out of range or inconsistent with other fields. This is always fatal.)

Thanks.

Go to forum: wolfSSL

2 Reply by ccww

(6 replies, posted in wolfSSL)

Hi,

I have also ran the client by loading the public CA cert downloaded from verisign  (knowledge center) website. Still I receive the same error. Got Alert Fatal (-213)

Attached is the CA cert.

Thanks.

Go to forum: wolfSSL

3 Topic by ccww

(6 replies, posted in wolfSSL)

Hi,

I am integrating Cyassl (cyassl-1.9.0) into our embedded system (Use Nucleus RTOS).  We will be buying the commercial licence once we got it working in our embedded device...

When I run Cyassl to connect to SUPL server (A-GPS servers), device is receiving fatal alert message. error -213. 

Cyassl Log pasted below.

I receive this alert fatal message with all three A-GPS servers that I have tried with.

   Server                        Port

   supl.nokia.com          7275
   supl.google.com        7275
   supl.vodafone.com     7275


Can you please suggest what might be going wrong?

Thank you very much.

Best Regards,
-- ccww

###################################################

Following is the Cyassl debug:
----------------------------------------

SSL: CyaSSL Entering SSL_connect()
SSL: connect state: CLIENT_HELLO_SENT
SSL: growing input buffer
SSL: received record layer msg
SSL: SSL: CyaSSL Entering DoHandShakeMsg()
SSL: processing server hello
SSL: SSL: CyaSSL Leaving DoHandShakeMsg(), return 0
SSL: received record layer msg
SSL: SSL: CyaSSL Entering DoHandShakeMsg()
SSL: processing certificate
SSL: SSL: CyaSSL Leaving DoHandShakeMsg(), return 0
SSL: received record layer msg
SSL: SSL: CyaSSL Entering DoHandShakeMsg()
SSL: processing server hello done
SSL: SSL: CyaSSL Leaving DoHandShakeMsg(), return 0
SSL: connect state: HELLO_AGAIN
SSL: connect state: HELLO_AGAIN_REPLY
SSL: connect state: FIRST_REPLY_DONE
SSL: connect state: FIRST_REPLY_FIRST
SSL: growing output buffer
SSL: Shrinking output buffer
SSL: connect state: FIRST_REPLY_SECOND
SSL: connect state: FIRST_REPLY_THIRD
SSL: connect state: FIRST_REPLY_FOURTH
SSL: connect state: FINISHED_DONE
SSL: received record layer msg
SSL: got ALERT!
SSL: SSL: CyaSSL error occurred, error = -213
SSL: err = -213, revcd alert fatal error
*** SSL: Error SSL_connect failed


#####################################################

Following is my Cyassl client call flow :
------------------------------------------------------

#######################################################

InitCyaSSL ();

CyaSSL_Debugging_ON ();

method = SSLv3_client_method ();
/* Also tried: TLSv1_client_method() */

ssl_ctx = SSL_CTX_new (method);

/* For testing purpose using the ca-cert.pem provided by Cyassl in certs directory.
    buff contains ca-cert.pem  (size = 3012) */

CyaSSL_CTX_load_verify_buffer (ssl_ctx, buff, size, SSL_FILETYPE_PEM);

/* Test purpose.. No verification */
ssl_set_verify_cb_fn (ssl_ctx, SSL_VERIFY_NONE, 0);

Nucleus TCP Socket Connected... sockid

ssl = SSL_new (ssl_ctx);

SSL_set_fd (ssl, sockid);

if (SSL_connect (ssl) != SSL_SUCCESS)
{
    char buffer[80];
    int  err = SSL_get_error (s, 0);

    ssl_print (AREA1, "SSL: err = %d, %s\n", err, ERR_error_string(err, buffer));
    ssl_print (AREA1, "*** SSL: Error SSL_connect failed");
    return SSL_FAILURE;
}

#########################################################

By any chance,  is this error to do with CA certificate?  If so,  can you please suggest me how I can obtain a
correct CA certificate for testing purpose to connect to the above mentioned SUPL servers?

Thanks in advance.

Go to forum: wolfSSL