Mbedtls handshake write certificate verify problem

Hello,
I’m using MbedTLS for STM32 with W5500 and without LwIP to connect MQTT broker over SSL.
I’m stuck at the write change cipher spec step, but I think because the socket was closed after the write certificate verify step.
Does anyone know about this problem? Thank you for any support.
This is my log

status: 23
…/Core/Src/ssl_tls.c:2779: ssl->f_send() returned 143 (-0xffffff71)
…/Core/Src/ssl_tls.c:2807: <= flush output
…/Core/Src/ssl_tls.c:3476: <= write record
…/Core/Src/ssl_tls.c:3320: <= write handshake message
…/Middlewares/Third_Party/mbedTLS/library/ssl_cli.c:3172: <= write client key exchange
…/Middlewares/Third_Party/mbedTLS/library/ssl_cli.c:3510: client state: 9
…/Core/Src/ssl_tls.c:2755: => flush output
…/Core/Src/ssl_tls.c:2767: <= flush output
…/Middlewares/Third_Party/mbedTLS/library/ssl_cli.c:3224: => write certificate verify
…/Core/Src/ssl_tls.c:0628: => derive keys
…/Core/Src/ssl_tls.c:0705: dumping ‘premaster secret’ (66 bytes)
…/Core/Src/ssl_tls.c:0705: 0000: 01 93 83 56 ca 1c 05 5a cc 3c 5b a0 34 5a 22 18 …V…Z.<[.4Z".
…/Core/Src/ssl_tls.c:0705: 0010: 73 1c c6 bf 67 21 1d 47 e6 a4 59 e2 cb b2 90 6b s…g!.G…Y…k
…/Core/Src/ssl_tls.c:0705: 0020: d0 82 b4 3f c2 21 a4 30 a0 20 d5 dd 8a 2a 49 92 …?.!.0. …*I.
…/Core/Src/ssl_tls.c:0705: 0030: ba 92 ca 74 cb 51 36 82 bb 92 cb f3 d7 a9 c9 13 …t.Q6…
…/Core/Src/ssl_tls.c:0705: 0040: 0f 08 …
…/Core/Src/ssl_tls.c:0794: ciphersuite = TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
…/Core/Src/ssl_tls.c:0796: dumping ‘master secret’ (48 bytes)
…/Core/Src/ssl_tls.c:0796: 0000: 26 70 1f 75 bd 2e 08 b2 52 24 07 a6 ad 78 5e 35 &p.u…R$…x^5
…/Core/Src/ssl_tls.c:0796: 0010: 85 14 44 6a 51 00 da 3b 4d 14 b9 bd 01 07 2b fa …DjQ…;M…+.
…/Core/Src/ssl_tls.c:0796: 0020: 6d 25 7b b8 f1 16 13 1d 82 b4 05 eb 13 5e 35 97 m%{…^5.
…/Core/Src/ssl_tls.c:0797: dumping ‘random bytes’ (64 bytes)
…/Core/Src/ssl_tls.c:0797: 0000: 1f 40 b1 e9 bb c1 c8 ba f9 24 5b 06 19 b8 d8 33 .@…$[…3
…/Core/Src/ssl_tls.c:0797: 0010: 85 74 84 0f 6d 35 95 5e 44 4f 57 4e 47 52 44 01 .t…m5.^DOWNGRD.
…/Core/Src/ssl_tls.c:0797: 0020: 67 3d 97 08 1e d8 f9 6e 4d 9d e2 bc 58 37 80 4f g=…nM…X7.O
…/Core/Src/ssl_tls.c:0797: 0030: da 30 c9 eb 44 24 97 da 76 fd 63 68 55 60 99 80 .0…D$…v.chU`…

…/Core/Src/ssl_tls.c:0798: dumping ‘key block’ (256 bytes)
…/Core/Src/ssl_tls.c:0798: 0000: b2 9a 30 4a 13 90 6c a2 fa 37 f9 a7 7d 2d 32 75 …0J…l…7…}-2u
…/Core/Src/ssl_tls.c:0798: 0010: aa 4c 63 c7 c1 0c 7e b1 38 81 e0 dd 02 8b 6d ed .Lc…~.8…m.
…/Core/Src/ssl_tls.c:0798: 0020: fe 6a 4f 74 3f d8 88 d6 9e 32 ff ed 9f 0a bd b3 .jOt?..2…
…/Core/Src/ssl_tls.c:0798: 0030: eb 0f 3a b3 10 51 db 3c c1 21 2b aa d1 08 0a d8 …:…Q.<.!+…
…/Core/Src/ssl_tls.c:0798: 0040: 3d 34 1b 49 7f 30 52 20 d9 71 a2 13 f4 fd e2 2c =4.I.0R .q…,
…/Core/Src/ssl_tls.c:0798: 0050: 80 78 f8 1b 30 0a 6f 6c 81 8b 99 90 e0 36 83 a4 .x…0.ol…6…
…/Core/Src/ssl_tls.c:0798: 0060: c1 87 bf 59 b7 36 4e a0 a9 63 e7 c6 26 40 2a fc …Y.6N…c…&@*.
…/Core/Src/ssl_tls.c:0798: 0070: a1 a0 3d 6e f1 6e 29 d7 e1 1d 25 57 64 d0 41 e2 …=n.n)…%Wd.A.
…/Core/Src/ssl_tls.c:0798: 0080: 29 7b a0 4f cf a5 91 04 61 08 1c ff 0d 2c 77 48 ){.O…a…,wH
…/Core/Src/ssl_tls.c:0798: 0090: 38 22 22 13 c4 d0 77 37 85 eb 88 92 0c 19 79 28 8"“…w7…y(
…/Core/Src/ssl_tls.c:0798: 00a0: 16 a6 82 20 7d 72 72 b1 06 6d d1 5a a4 a0 8b fb … }rr…m.Z…
…/Core/Src/ssl_tls.c:0798: 00b0: bc e9 23 f1 8b e7 1d 9d 70 7c 96 b9 b5 dc 8f 89 …#…p|…
…/Core/Src/ssl_tls.c:0798: 00c0: f6 1b 27 30 5f 58 aa 0f 0d bf e5 c3 ca e8 d0 90 …'0_X…
…/Core/Src/ssl_tls.c:0798: 00d0: 8f 3e 1a 51 38 96 5a 56 9f c4 06 e9 58 f5 7a 1f .>.Q8.ZV…X.z.
…/Core/Src/ssl_tls.c:0798: 00e0: 11 64 f2 9e 85 fd 5d 3a 3a d9 89 05 22 ca d7 14 .d…]::…”…
…/Core/Src/ssl_tls.c:0798: 00f0: 4f 6a 7b d3 e4 de 99 46 45 3d 66 bd b1 94 31 a9 Oj{…FE=f…1.
…/Core/Src/ssl_tls.c:0919: keylen: 32, minlen: 24, ivlen: 12, maclen: 0
…/Core/Src/ssl_tls.c:1116: <= derive keys
…/Core/Src/ssl_tls.c:1226: => calc verify sha384
…/Core/Src/ssl_tls.c:1231: dumping ‘calculated verify result’ (48 bytes)
…/Core/Src/ssl_tls.c:1231: 0000: 05 99 8d 7c 5c c3 65 54 a0 56 f7 d3 37 b3 14 2d …|.eT.V…7…-
…/Core/Src/ssl_tls.c:1231: 0010: d3 dc a2 13 db 7b eb 58 81 05 ea 99 02 ad a9 c5 …{.X…
…/Core/Src/ssl_tls.c:1231: 0020: f6 fc c0 d7 fd 7c 94 e8 62 a6 63 01 67 6d a8 a3 …|…b.c.gm…
…/Core/Src/ssl_tls.c:1232: <= calc verify
…/Core/Src/ssl_tls.c:3184: => write handshake message
…/Core/Src/ssl_tls.c:3343: => write record
…/Core/Src/ssl_tls.c:3420: output record: msgtype = 22, version = [3:3], msglen = 264
…/Core/Src/ssl_tls.c:3425: dumping ‘output record sent to network’ (269 bytes)
…/Core/Src/ssl_tls.c:3425: 0000: 16 03 03 01 08 0f 00 01 04 05 01 01 00 6a 26 3e …j&>
…/Core/Src/ssl_tls.c:3425: 0010: 41 a0 31 48 f1 aa 13 90 1c 26 8f 43 7a c9 95 a4 A.1H…&.Cz…
…/Core/Src/ssl_tls.c:3425: 0020: 80 79 5c 88 31 17 0e 56 a6 63 91 46 71 77 21 44 .y.1…V.c.Fqw!D
…/Core/Src/ssl_tls.c:3425: 0030: 5d c6 1c 6f e2 a8 b6 16 88 3d 3d 87 6c ae 0c 3f ]…o…==.l…?
…/Core/Src/ssl_tls.c:3425: 0040: 78 64 f1 98 ec 0b e5 5e 07 fa aa 2f a4 73 94 78 xd…^…/.s.x
…/Core/Src/ssl_tls.c:3425: 0050: 57 a8 65 fd b9 e9 48 1b 52 f7 35 e5 3a b9 2c 53 W.e…H.R.5.:.,S
…/Core/Src/ssl_tls.c:3425: 0060: ee 4f 10 3d 8a 5e 99 61 95 81 ab 11 8b 0a dd 52 .O.=.^.a…R
…/Core/Src/ssl_tls.c:3425: 0070: a4 62 f3 98 d8 cf b3 98 b5 f8 60 4f 42 c0 02 21 .b…`OB…!
…/Core/Src/ssl_tls.c:3425: 0080: 5b 9d f3 53 d7 8f 79 cb 91 04 78 ef f1 51 65 de […S…y…x…Qe.
…/Core/Src/ssl_tls.c:3425: 0090: 89 f3 be 40 71 b5 c3 0b 75 6c 93 ea 2a 50 a4 6d …@q…ul…P.m
…/Core/Src/ssl_tls.c:3425: 00a0: 69 73 bd fd e5 c4 c7 66 bc fa 6e f4 e0 26 bc f5 is…f…n…&…
…/Core/Src/ssl_tls.c:3425: 00b0: e7 6f 01 59 c8 eb fa 9c 1d ed 8a 62 f4 ad 84 d2 .o.Y…b…
…/Core/Src/ssl_tls.c:3425: 00c0: 8b 29 f3 e9 2c 9b 47 a6 bc b7 fc 5e 06 33 0f 61 .)…,.G…^.3.a
…/Core/Src/ssl_tls.c:3425: 00d0: b0 b2 e1 84 29 4d 92 f6 ba 33 1c 07 ad c5 e5 a2 …)M…3…
…/Core/Src/ssl_tls.c:3425: 00e0: 13 2a dd 6c 86 4a 07 5e 02 46 b1 1a 3a 74 f2 80 .
.l.J.^.F…:t…
…/Core/Src/ssl_tls.c:3425: 00f0: 11 89 91 ae 4f 9d 50 46 b2 b2 ac 48 05 b1 e6 5b …O.PF…H…[
…/Core/Src/ssl_tls.c:3425: 0100: 08 11 5c 19 30 2b 91 f4 d7 c0 51 b1 2c ….0+…Q.,
…/Core/Src/ssl_tls.c:2755: => flush output
…/Core/Src/ssl_tls.c:2773: message length: 269, out_left: 269
status: 28
…/Core/Src/ssl_tls.c:2779: ssl->f_send() returned 269 (-0xfffffef3)
…/Core/Src/ssl_tls.c:2807: <= flush output
…/Core/Src/ssl_tls.c:3476: <= write record
…/Core/Src/ssl_tls.c:3320: <= write handshake message
…/Middlewares/Third_Party/mbedTLS/library/ssl_cli.c:3383: <= write certificate verify
…/Middlewares/Third_Party/mbedTLS/library/ssl_cli.c:3510: client state: 10
…/Core/Src/ssl_tls.c:2755: => flush output
…/Core/Src/ssl_tls.c:2767: <= flush output
…/Core/Src/ssl_tls.c:5879: => write change cipher spec
…/Core/Src/ssl_tls.c:3184: => write handshake message
…/Core/Src/ssl_tls.c:3343: => write record
…/Core/Src/ssl_tls.c:3420: output record: msgtype = 20, version = [3:3], msglen = 1
…/Core/Src/ssl_tls.c:3425: dumping ‘output record sent to network’ (6 bytes)
…/Core/Src/ssl_tls.c:3425: 0000: 14 03 03 00 01 01 …
…/Core/Src/ssl_tls.c:2755: => flush output
…/Core/Src/ssl_tls.c:2773: message length: 6, out_left: 6
status: 0
…/Core/Src/ssl_tls.c:2779: ssl->f_send() returned -78 (-0x004e)
…/Core/Src/ssl_tls.c:3472: mbedtls_ssl_flush_output() returned -78 (-0x004e)
…/Core/Src/ssl_tls.c:3315: ssl_write_record() returned -78 (-0x004e)
…/Core/Src/ssl_tls.c:5889: mbedtls_ssl_write_handshake_msg() returned -78 (-0x004e)
…/Core/Src/ssl_tls.c:8094: <= handshake
Failed to handshake. Error: NET - Sending information through the socket failed
mbedtls_ssl_handshake failed.
…/Core/Src/ssl_tls.c:8934: => free
…/Core/Src/ssl_tls.c:8999: <= free
net_connect failed.