diff --git a/components/esp_https_server/src/https_server.c b/components/esp_https_server/src/https_server.c
index f68ebc4f8d..f8693ffb94 100644
--- a/components/esp_https_server/src/https_server.c
+++ b/components/esp_https_server/src/https_server.c
@@ -327,6 +327,7 @@ static esp_err_t create_secure_context(const struct httpd_ssl_config *config, ht
             (*ssl_ctx)->tls_cfg->ecdsa_key_efuse_blk = config->ecdsa_key_efuse_blk;
 #else
             ESP_LOGE(TAG, "Please enable the support for signing using ECDSA peripheral in menuconfig.");
+            ret = ESP_ERR_NOT_SUPPORTED;
             goto exit;
 #endif
         } else if (config->prvtkey_pem != NULL && config->prvtkey_len > 0) {
diff --git a/components/mbedtls/port/aes/esp_aes_gcm.c b/components/mbedtls/port/aes/esp_aes_gcm.c
index d22f985093..9798fe475c 100644
--- a/components/mbedtls/port/aes/esp_aes_gcm.c
+++ b/components/mbedtls/port/aes/esp_aes_gcm.c
@@ -370,11 +370,17 @@ int esp_aes_gcm_starts( esp_gcm_context *ctx,
                         const unsigned char *iv,
                         size_t iv_len )
 {
+    if (!ctx) {
+        ESP_LOGE(TAG, "No AES context supplied");
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
 #if defined(MBEDTLS_GCM_NON_AES_CIPHER_SOFT_FALLBACK)
     if (ctx->ctx_soft != NULL) {
         return mbedtls_gcm_starts_soft(ctx->ctx_soft, mode, iv, iv_len);
     }
 #endif
+
     /* IV is limited to 2^32 bits, so 2^29 bytes */
     /* IV is not allowed to be zero length */
     if ( iv_len == 0 ||
@@ -382,11 +388,6 @@ int esp_aes_gcm_starts( esp_gcm_context *ctx,
         return ( MBEDTLS_ERR_GCM_BAD_INPUT );
     }
 
-    if (!ctx) {
-        ESP_LOGE(TAG, "No AES context supplied");
-        return MBEDTLS_ERR_GCM_BAD_INPUT;
-    }
-
     if (!iv) {
         ESP_LOGE(TAG, "No IV supplied");
         return MBEDTLS_ERR_GCM_BAD_INPUT;
@@ -441,21 +442,22 @@ int esp_aes_gcm_update_ad( esp_gcm_context *ctx,
                            const unsigned char *aad,
                            size_t aad_len )
 {
+    if (!ctx) {
+        ESP_LOGE(TAG, "No AES context supplied");
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
 #if defined(MBEDTLS_GCM_NON_AES_CIPHER_SOFT_FALLBACK)
     if (ctx->ctx_soft != NULL) {
         return mbedtls_gcm_update_ad_soft(ctx->ctx_soft, aad, aad_len);
     }
 #endif
+
     /* AD are limited to 2^32 bits, so 2^29 bytes */
     if ( ( (uint32_t) aad_len ) >> 29 != 0 ) {
         return ( MBEDTLS_ERR_GCM_BAD_INPUT );
     }
 
-    if (!ctx) {
-        ESP_LOGE(TAG, "No AES context supplied");
-        return MBEDTLS_ERR_GCM_BAD_INPUT;
-    }
-
     if ( (aad_len > 0) && !aad) {
         ESP_LOGE(TAG, "No aad supplied");
         return MBEDTLS_ERR_GCM_BAD_INPUT;
@@ -481,11 +483,17 @@ int esp_aes_gcm_update( esp_gcm_context *ctx,
                         unsigned char *output, size_t output_size,
                         size_t *output_length )
 {
+    if (!ctx) {
+        ESP_LOGE(TAG, "No GCM context supplied");
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
 #if defined(MBEDTLS_GCM_NON_AES_CIPHER_SOFT_FALLBACK)
     if (ctx->ctx_soft != NULL) {
         return mbedtls_gcm_update_soft(ctx->ctx_soft, input, input_length, output, output_size, output_length);
     }
 #endif
+
     size_t nc_off = 0;
     uint8_t nonce_counter[AES_BLOCK_BYTES] = {0};
     uint8_t stream[AES_BLOCK_BYTES] = {0};
@@ -496,10 +504,6 @@ int esp_aes_gcm_update( esp_gcm_context *ctx,
     }
     *output_length = input_length;
 
-    if (!ctx) {
-        ESP_LOGE(TAG, "No GCM context supplied");
-        return MBEDTLS_ERR_GCM_BAD_INPUT;
-    }
     if (!input) {
         ESP_LOGE(TAG, "No input supplied");
         return MBEDTLS_ERR_GCM_BAD_INPUT;
@@ -656,6 +660,11 @@ int esp_aes_gcm_crypt_and_tag( esp_gcm_context *ctx,
                                size_t tag_len,
                                unsigned char *tag )
 {
+    if (!ctx) {
+        ESP_LOGE(TAG, "No AES context supplied");
+        return MBEDTLS_ERR_GCM_BAD_INPUT;
+    }
+
 #if defined(MBEDTLS_GCM_NON_AES_CIPHER_SOFT_FALLBACK)
     if (ctx->ctx_soft != NULL) {
         return mbedtls_gcm_crypt_and_tag_soft(ctx->ctx_soft, mode, length, iv, iv_len, aad, aad_len, input, output, tag_len, tag);
@@ -689,11 +698,6 @@ int esp_aes_gcm_crypt_and_tag( esp_gcm_context *ctx,
         return ( MBEDTLS_ERR_GCM_BAD_INPUT );
     }
 
-    if (!ctx) {
-        ESP_LOGE(TAG, "No AES context supplied");
-        return MBEDTLS_ERR_GCM_BAD_INPUT;
-    }
-
     if (!iv) {
         ESP_LOGE(TAG, "No IV supplied");
         return MBEDTLS_ERR_GCM_BAD_INPUT;
diff --git a/components/tcp_transport/transport_ssl.c b/components/tcp_transport/transport_ssl.c
index 547c82f484..7f0a4d78f3 100644
--- a/components/tcp_transport/transport_ssl.c
+++ b/components/tcp_transport/transport_ssl.c
@@ -1,5 +1,5 @@
 /*
- * SPDX-FileCopyrightText: 2015-2023 Espressif Systems (Shanghai) CO LTD
+ * SPDX-FileCopyrightText: 2015-2024 Espressif Systems (Shanghai) CO LTD
  *
  * SPDX-License-Identifier: Apache-2.0
  */
@@ -114,8 +114,11 @@ static int ssl_connect(esp_transport_handle_t t, const char *host, int port, int
     if (esp_tls_conn_new_sync(host, strlen(host), port, &ssl->cfg, ssl->tls) <= 0) {
         ESP_LOGE(TAG, "Failed to open a new connection");
         esp_tls_error_handle_t esp_tls_error_handle;
-        esp_tls_get_error_handle(ssl->tls, &esp_tls_error_handle);
-        esp_transport_set_errors(t, esp_tls_error_handle);
+        if (esp_tls_get_error_handle(ssl->tls, &esp_tls_error_handle) == ESP_OK) {
+            esp_transport_set_errors(t, esp_tls_error_handle);
+        } else {
+            ESP_LOGE(TAG, "Error in obtaining the error handle");
+        }
         goto exit_failure;
     }