Hi @AIMA9115
According to this post:
Even if AWS says it supports ECDSA, when I disable RSA cipersuites, leaving only ECDSA, the AWS server replies with a fatal alert (Handshake Failure).
So it is quite possible that the ECC certificate is not expected.
Anyway, in the server logs I see the following:
Verification error: self signed certificate in certificate chain
This probably means that the root certificate of your client should not be self signed. You client certificate should be signed by a CA trusted by the AWS MQTT server.
Regards,
Mbed TLS Support
Ron