You are not logged in.

Dear visitor, welcome to Round Solutions M2M and wireless Support Forum. If this is your first visit here, please read the Help. It explains in detail how this page works. To use all features of this page, you should consider registering. Please use the registration form, to register here or read more information about the registration process. If you are already registered, please login here.

1

Friday, February 23rd 2018, 5:05am

GL865 Quad V3 unable to connect https server installed with self-signed CA certificate

Dear All,

We are using GL-865-Quad V3 GSM module. The firmware version of module is 16.01.14.
I have referred "Telit_SSL-TLS_User_Guide_r12.pdf" user guide and tried to connect to our test server (Apache Tomcat server) using GSM module.
When we are trying to connect server, we are getting an error message "+CME ERROR: SSL error during handshake" from GSM module. The CA certificate installed on server is self-signed certificate.

We can able to connect www.google.co.uk, but we are unable to our server.

Please find our test log below and help us to connect to our server.



AT

OK

ATE0

ATE0

OK

AT+CMEE=2


OK

AT+CGDCONT =1,"IP","LIVE.VODAFONE.COM"


OK

AT#SGACT =1,0


OK


46:01.950 AT#SGACT =1,1

46:02.433
#SGACT: 10.151.217.196

OK

AT#SSLEN =1,0


OK

AT#SSLEN =1,1


OK

AT#SSLSECCFG =1,0,0


OK

AT#SSLCFG =1,1,1024,90,100,50


OK

AT#SSLSECDATA =1,1,1,1444


>
53:35.236 -----BEGIN CERTIFICATE-----<LF>
----------------------------------------------
< CA Certificate in PEM format >
----------------------------------------------
-----END CERTIFICATE-----<LF>

<SUB>

OK

AT#CPUMODE=4


OK

AT#SSLD = 1,443,"www.xyz.com",0,0

+CME ERROR: SSL error during handshake

Thanks & Regards
Prashanth K

2

Thursday, March 1st 2018, 5:36pm

Dear Prashanth K,
The most common reasons for SSL handshake error are due to:

  • incorrect CA certificate (not the true root)
  • During the handshake process, the server is sending a certificate that is higher as SHA-256 signature algorithm, but the GL865 SSL client only supports up to SHA-256, if I remember right, so the handshake will fail.

Please check this points and report.

Regards,
Hüseyin

Rate this thread