You are not logged in.

1

Friday, February 23rd 2018, 5:05am

GL865 Quad V3 unable to connect https server installed with self-signed CA certificate

Dear All,

We are using GL-865-Quad V3 GSM module. The firmware version of module is 16.01.14.
I have referred "Telit_SSL-TLS_User_Guide_r12.pdf" user guide and tried to connect to our test server (Apache Tomcat server) using GSM module.
When we are trying to connect server, we are getting an error message "+CME ERROR: SSL error during handshake" from GSM module. The CA certificate installed on server is self-signed certificate.

We can able to connect www.google.co.uk, but we are unable to our server.

Please find our test log below and help us to connect to our server.



AT

OK

ATE0

ATE0

OK

AT+CMEE=2


OK

AT+CGDCONT =1,"IP","LIVE.VODAFONE.COM"


OK

AT#SGACT =1,0


OK


46:01.950 AT#SGACT =1,1

46:02.433
#SGACT: 10.151.217.196

OK

AT#SSLEN =1,0


OK

AT#SSLEN =1,1


OK

AT#SSLSECCFG =1,0,0


OK

AT#SSLCFG =1,1,1024,90,100,50


OK

AT#SSLSECDATA =1,1,1,1444


>
53:35.236 -----BEGIN CERTIFICATE-----<LF>
----------------------------------------------
< CA Certificate in PEM format >
----------------------------------------------
-----END CERTIFICATE-----<LF>

<SUB>

OK

AT#CPUMODE=4


OK

AT#SSLD = 1,443,"www.xyz.com",0,0

+CME ERROR: SSL error during handshake

Thanks & Regards
Prashanth K

2

Thursday, March 1st 2018, 5:36pm

Dear Prashanth K,
The most common reasons for SSL handshake error are due to:

  • incorrect CA certificate (not the true root)
  • During the handshake process, the server is sending a certificate that is higher as SHA-256 signature algorithm, but the GL865 SSL client only supports up to SHA-256, if I remember right, so the handshake will fail.

Please check this points and report.

Regards,
Hüseyin

Rate this thread