mbedtls_ssl_handshake returned -0x2700

devonmagan
Posts: 1
Joined: Fri May 10, 2024 1:03 pm

Postby devonmagan » Fri May 10, 2024 1:25 pm

Good Day

I'm about to pull out all the remaining hair in my head. So if anybody can help me, I would honestly really appreciate it.

So my code works perfectly fine connecting to the test Mosquitto broker over TLS using the two certificates and private key. No issues at all. The Example MQTT Mutual Auth TLS.

So I want to try to connect to my own AWS IoT MQTT server and I have signed my own certificates. I know my certificates are correct because they work 100% in MQTTX and I can publish messages and subscribe etc. Please note that I have to disable SSL Secure as it's one-way Mutual Auth.

So I changed my URI to the Amazon ATS (with correct port etc). I copied in my Certs correctly. I enabled the "skip server certificate verification" in menuconfig.

No matter what I do, I cannot fix the current issue I'm getting. I have attached my debug logs. Here is a snippet of where it always fails. But please see logs for full log.

W (87937) mbedtls: ssl_tls.c:7330 x509_verify_cert() returned -9984 (-0x2700)
I (87937) mbedtls: ssl_msg.c:5103 => send alert message
I (87937) mbedtls: ssl_msg.c:2948 => write record
I (87947) mbedtls: ssl_msg.c:2358 => flush output
I (87947) mbedtls: ssl_msg.c:2372 message length: 7, out_left: 7
I (87957) mbedtls: ssl_msg.c:2379 ssl->f_send() returned 7 (-0xfffffff9)
I (87967) mbedtls: ssl_msg.c:2406 <= flush output
I (87967) mbedtls: ssl_msg.c:3085 <= write record
I (87977) mbedtls: ssl_msg.c:5115 <= send alert message
I (87977) mbedtls: ssl_tls.c:3930 <= handshake
E (87987) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700
I (87997) esp-tls-mbedtls: Failed to verify peer certificate!
E (87997) esp-tls: Failed to open new connection
E (88007) transport_base: Failed to open a new connection
E (88017) mqtt_client: Error transport connect
Attachment: Debug Logs.txt (8.59 KiB)

289886252@qq.com
Posts: 1
Joined: Wed Jun 19, 2024 12:04 pm

Re: mbedtls_ssl_handshake returned -0x2700

Postby 289886252@qq.com » Wed Jun 19, 2024 12:07 pm

First, use tools such as mqtt.fx to confirm that your certificate is correct.
Then exclude your code, as there may be code conflicts.
Also, it is recommended to use a newer version of the mqtt proxy.

From this:
“I (87997) esp-tls-mbedtls: Failed to verify peer certificate!”
it seems that your certificate does not match.
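
Added example, not part of the thread or of ESP-IDF: a small Python triage of the log excerpt from the first post that picks out the first real negative return code and separates it from the errors that cascade from it. The names `triage`, `KNOWN`, `LINE` and `RET` are made up for this example; the error names are the ones defined in the Mbed TLS headers.

```python
import re

# A few error names from the Mbed TLS headers; extend as needed.
KNOWN = {
    0x2700: "MBEDTLS_ERR_X509_CERT_VERIFY_FAILED",
    0x7780: "MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE",
}

# ESP-IDF log line: level, (milliseconds), tag, message.
LINE = re.compile(r"^([EWIDV]) \((\d+)\) ([\w-]+): (.*)$")
RET = re.compile(r"(\S+) returned (-?(?:0x[0-9a-fA-F]+|\d+))")

# Log lines copied from the first post.
SAMPLE = """\
W (87937) mbedtls: ssl_tls.c:7330 x509_verify_cert() returned -9984 (-0x2700)
I (87957) mbedtls: ssl_msg.c:2379 ssl->f_send() returned 7 (-0xfffffff9)
E (87987) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700
I (87997) esp-tls-mbedtls: Failed to verify peer certificate!
E (87997) esp-tls: Failed to open new connection
E (88007) transport_base: Failed to open a new connection
E (88017) mqtt_client: Error transport connect
"""

def triage(log_text):
    """Return (root_cause, cascade): first negative return code and later E lines."""
    root, cascade = None, []
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank or non-log line
        level, ms, tag, msg = m.groups()
        r = RET.search(msg)
        # Only the first number after "returned" is the return value. Mbed TLS
        # also prints it negated in hex, so "returned 7 (-0xfffffff9)" is a
        # successful 7-byte send, not an error.
        code = int(r.group(2), 0) if r else None
        if root is None and code is not None and code < 0:
            root = {"ms": int(ms), "tag": tag, "where": r.group(1),
                    "code": "-0x%04X" % -code,
                    "name": KNOWN.get(-code, "unknown")}
        elif root is not None and level == "E":
            cascade.append(tag)
    return root, cascade

if __name__ == "__main__":
    print(triage(SAMPLE))
```

On the excerpt above, the root cause is the `x509_verify_cert()` return in the `mbedtls` tag; the `esp-tls`, `transport_base` and `mqtt_client` errors are consequences of it.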
