Teddycloud Error=537 (ESP32)

Hello Community,

I love the topic and was very excited about this project. But currently I’m a bit stuck in the dark.
No matter what I’m doing, I get an Error=537 once I followed the tutorial.
I learned already that 537 means “ERROR_UNKNOWN_CA”
But I don’T really find a solution.

I have an PI where I created a docker-compose based on the template from github. I could reach the webfrontend and could read the ESP32 firmware over the debugging port and so far everyting looks good.
But whenever I execute this command “teddycloud ESP32CERT extract data/firmware/ESP32_.bin certs/client” I get a weird error message from the cert export. See picture attached:

I already freshly re-created the container or deleted the cert/server certificates to get new one but no luck. It keeps repeating this issue.

Nevertheless the cert/client files get created and make them all lowercase as requested in the tutorial.

Once I complete the setup and try to enable the cloud I get all the time the ERROR=537 error message. Restart of the container doesn’T change anything unfortunately.

I have a pi-hole as container as well but even if I disable blocking, it doesn’t change. The Container itself could reach the internet and for example “prod.de.tbs.toys”. I had no local DNS entries or special settings.

As last option I re-created the container with MACVLAN enabled and gave it a dedicated IP address but this wasn’t the solution either.

I read the firmware now three times, resoldered the tonibox to avoid any connection or write issues but non of this helped.

Attached a couple of more screenshots and logs, which may be relevant. I’m super frustrated and thankfull for any help.


Those error messages are totally fine, as at this moment the client certificates are missing.

From your last screenshot I can see, that the CA of the server and client dir are identical in size. Please check the server CA if it is from Boxine.

It seems to be the case, that you have modified you esp32 flash and replaced the boxine CA with the teddyCloud CA. Because you did the process a second time you extracted your teddyCloud CA from your already modified flash.
Please extract the boxine CA from a former backup and place it into the client cert dir. This should fix your problem.

Hello @0xbadbee,

Are you a early bird or a even later owl like me? :wink:
Thank you for your super helpful advice! I will try it until tomorrow and come back to you.

Indeed I extracted the certificates twice due to my above issues.

I give you a update soon.

Thank you


i just copied the original (first) backup to the container. When you mean “extract the boxine certificate” you mean to execute below command?

teddycloud ESP32CERT extract data/firmware/ESP32_f412fac77178.bin certs/server

mv certs/server/CLIENT.DER certs/server/client.der
mv certs/server/PRIVATE.DER certs/server/private.der
mv certs/server/CA.DER certs/server/ca.der

If I do so and restart the server, I get a new error message “ERROR=304”

Thank you for your help

cert/server looks like this now:



I slowly start to understand the setup. I digged a bit deeper and created a fresh container and copied the original ESP32.bin to the new container. Additionally I copied the config/. folder over to the new container. Now I have a clean log with HTTP code: 200

The only missing piece now is the the tonibox itself. I get the error message “owl”. IP address kept the same but I assume the certificate on the box is maybe not correct as I flashed it yesterday a second time with (most properly) a misconfigured firmware.

What would be the right approach to solve this issue? Just follow the tutorial 1:1 one more time without the certificate extraction or something else?

Thank you very much for the help! :slight_smile:



I mean just redo the extraction step and replace the wrong CA in your client dir with the boxine one. (I had a typo in the last sentence and wrote server instead of client, as the ca.der of the box needs to go into the client dir)

Maybe because of the above?

Did you update your box beforehand?

The log is not okay, as it shows that the connection is not detected as a Toniebox. Maybe it was just a connection from the webinterface?

The best way to test the connection is a freshnessCheck. So just press one ear of the box long.

Hello @0xbadbee,

I placed the ca.der in the /certs/client folder now. Afterwards I restarted the container and get below logs now:

The tonibox itself still gives a “owl/Eule” error message.

Would it be a good idea to to the read / patch / write process from scratch and re-image the tonibox again?

Thank you for your help until here!



Hello all,

I found the solution my own way.

I started the flashing process from scratch and did the below steps:

  1. Read the ESP32 over the web GUI
  2. logged in to container
  3. renamed the just read firmware file to ESP32.bin.bak
  4. Gave the original firmware from the very first backup the name of the read files ESP32.bin
    5.Went back to the web GUI
    6.Pressed the patch button
    7.Wrote the patched firmware to the tonibox

Now I get all ID’s and have no connection issues anymore.

Thank you for the help in the forum! Looking forward to do more fun stuff with it now!


A post was split to a new topic: HTTP error 304 - ESP32