MbedTLS

a8Chcx · ‎08-11-2025

Hi,

I am using MbedTLS sample project to talk to HTTPS server. I got the following error during hanshake.

1) When I send ClientHello, I got Alert Message Level = 2, description 40(handshake failure).

2) When I try to use curl or chrome to talk to my server, it works fine...

I checked the Ciper suite, server accepts TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384(0xc030). I checked it on my client side, it is included in cipher suites.

Can anybody help me to find where the problem is?

Thanks,

Christie

Celeste_Liu · ‎08-11-2025

Hello @a8Chcx ,

Thanks for your post.

Could you please help answer the following questions first?

1) Which MCU are you using?
2) IDE and its version;
3) Are you using the demo from the SDK? Have you made any modifications? If yes, please provide the SDK version and the demo name.

I will conduct tests on my end.

BRs,

Celeste

a8Chcx · ‎08-12-2025

Hi Celeste,

Thank you for your e-mail.

1) MCU is K66F

2) IDE MCUXpresso V11.5.0

3) I am using SDK demo with my modifications. SDK2.11.0

I tested with other server and works fine. The only difference between two servers is one uses 0xC02F(working), the other uses 0xC030(not working). Is there any setting needed for 0xC030?

Thanks,

Christie

Celeste_Liu · ‎08-13-2025

Hello a8Chcx, I also checked the Ciper suite of lwip_httpssrv_mbedTLS_bm demo, it indeed accepts TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384. Since curl and Chrome can work properly, it indicates that the server configuration is basically correct. The problem is likely to lie in the compilation options or runtime configuration of the client MbedTLS, especially the incomplete support for high-security suites.