What does mbed-tls error code -0x2700 mean?

If you see an error message like the following one on your microcontroller (such as ESP32):

E (137011) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700

this means MBEDTLS_ERR_X509_CERT_VERIFY_FAILED.

Either you are using the wrong certificate on the server or you are using the wrong certificate on the mbed-tls side for verifying the certificate.

In order to check the server side, it is often helpful to check the server’s TLS certificate using OpenSSL:

openssl s_client -connect myhostname.com:443