
mbedtls_ssl_handshake returned -0x2700

Posted: Fri May 10, 2024 1:25 pm
by devonmagan
Good Day

I'm about to pull out all the remaining hair in my head. So if anybody can help me, I would honestly really appreciate it.

So my code works perfectly fine connecting to the test Mosquitto broker over TLS using the two certificates and private key. No issues at all. The Example MQTT Mutual Auth TLS.

So I want to try to connect to my own AWS IoT MQTT server and I have signed my own certificates. I know my certificates are correct because they work 100% in MQTTX and I can publish messages and subscribe etc. Please note that I have to disable SSL Secure as it's one-way Mutual Auth.

So I changed my URI to the Amazon ATS (with correct port etc). I copied in my Certs correctly. I enabled the "skip server certificate verification" in menuconfig.

No matter what I do, I cannot fix the current issue I'm getting. I have attached my debug logs. Here is a snippet of where it always fails. But please see logs for full log.

W (87937) mbedtls: ssl_tls.c:7330 x509_verify_cert() returned -9984 (-0x2700)

I (87937) mbedtls: ssl_msg.c:5103 => send alert message

I (87937) mbedtls: ssl_msg.c:2948 => write record

I (87947) mbedtls: ssl_msg.c:2358 => flush output

I (87947) mbedtls: ssl_msg.c:2372 message length: 7, out_left: 7

I (87957) mbedtls: ssl_msg.c:2379 ssl->f_send() returned 7 (-0xfffffff9)

I (87967) mbedtls: ssl_msg.c:2406 <= flush output

I (87967) mbedtls: ssl_msg.c:3085 <= write record

I (87977) mbedtls: ssl_msg.c:5115 <= send alert message

I (87977) mbedtls: ssl_tls.c:3930 <= handshake

E (87987) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700
I (87997) esp-tls-mbedtls: Failed to verify peer certificate!
E (87997) esp-tls: Failed to open new connection
E (88007) transport_base: Failed to open a new connection
E (88017) mqtt_client: Error transport connect

Re: mbedtls_ssl_handshake returned -0x2700

Posted: Wed Jun 19, 2024 12:07 pm
by 289886252@qq.com
First, use tools such as mqtt.fx to confirm that your certificate is correct.
Then exclude your code, as there may be code conflicts.
Also, it is recommended to use a newer version of the mqtt proxy.


From this:
“I (87997) esp-tls-mbedtls: Failed to verify peer certificate!”
it seems that your certificate does not match.
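
Added example, not part of either post and not code from ESP-IDF or Mbed TLS: -0x2700 is MBEDTLS_ERR_X509_CERT_VERIFY_FAILED, a generic code, and the specific reason is carried in the verify-flags word that mbedtls_ssl_get_verify_result() returns. The sketch below extracts the code from a log line like the one above and decodes a flags word; the function names and the sample flags value 0x0C are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit values of MBEDTLS_X509_BADCERT_* from mbedtls/x509.h (CRL bits omitted). */
static const struct { uint32_t bit; const char *name; } VERIFY_FLAGS[] = {
    {0x000001, "BADCERT_EXPIRED"},      {0x000002, "BADCERT_REVOKED"},
    {0x000004, "BADCERT_CN_MISMATCH"},  {0x000008, "BADCERT_NOT_TRUSTED"},
    {0x000040, "BADCERT_MISSING"},      {0x000080, "BADCERT_SKIP_VERIFY"},
    {0x000100, "BADCERT_OTHER"},        {0x000200, "BADCERT_FUTURE"},
    {0x000800, "BADCERT_KEY_USAGE"},    {0x001000, "BADCERT_EXT_KEY_USAGE"},
    {0x002000, "BADCERT_NS_CERT_TYPE"}, {0x004000, "BADCERT_BAD_MD"},
    {0x008000, "BADCERT_BAD_PK"},       {0x010000, "BADCERT_BAD_KEY"},
};

/* Hypothetical helper: code from a line ending "returned -0x...."; 0 if none. */
long parse_mbedtls_rc(const char *line) {
    const char *p = strstr(line, "returned -0x");
    return p ? -strtol(p + 12, NULL, 16) : 0;   /* 12 == strlen("returned -0x") */
}

/* Hypothetical helper: writes set flags as "A|B" into out.
 * Returns the number of named flags, or -1 if out is too small. */
int decode_verify_flags(uint32_t flags, char *out, size_t len) {
    size_t used = 0;
    int count = 0, n;
    if (len == 0) return -1;
    out[0] = '\0';
    for (size_t i = 0; i < sizeof VERIFY_FLAGS / sizeof VERIFY_FLAGS[0]; i++) {
        if (!(flags & VERIFY_FLAGS[i].bit)) continue;
        n = snprintf(out + used, len - used, "%s%s", count ? "|" : "", VERIFY_FLAGS[i].name);
        if (n < 0 || (size_t)n >= len - used) return -1;
        used += (size_t)n;
        count++;
        flags &= ~VERIFY_FLAGS[i].bit;
    }
    if (flags) {  /* bits outside the table, e.g. the BADCRL_* flags */
        n = snprintf(out + used, len - used, "%sOTHER_BITS(0x%lx)", count ? "|" : "", (unsigned long)flags);
        if (n < 0 || (size_t)n >= len - used) return -1;
    }
    return count;
}

int main(void) {
    char buf[128];  /* inputs below are constructed: the log line above, sample flags 0x0C */
    long rc = parse_mbedtls_rc("E (87987) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x2700");
    if (rc == -0x2700 && decode_verify_flags(0x0C, buf, sizeof buf) > 0)
        printf("X509 cert verify failed: %s\n", buf);
    return 0;
}
```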