Arm Mbed OS support forum

Please help me find out why mbedtls_ssl_handshake()failed!

1、I use the openssl command for test,it’s OK.

2、I use the mbedtls,use same CA ,client cert ,client pk,but failed.
this is the log:
=> handshake

client state: 0

=> flush output

<= flush output

client state: 1

=> flush output

<= flush output

=> write client hello

client hello, max version: [3:3]

client hello, current time: 1585880054

dumping ‘client hello, random bytes’ (32 bytes)

0000: 5e 86 9b f6 c6 4a 30 cb bf 02 98 8d 77 63 dd 9f ^…J0…wc…

0010: 22 89 5b fe 8f e9 a1 3a c7 65 f5 71 05 b3 59 d7 ".[…:.e.q…Y.

client hello, session id len.: 0

dumping ‘client hello, session id’ (0 bytes)

client hello, add ciphersuite: cca8

client hello, add ciphersuite: cca9

client hello, add ciphersuite: ccaa

client hello, add ciphersuite: c02c

client hello, add ciphersuite: c030

client hello, add ciphersuite: 009f

client hello, add ciphersuite: c0ad

client hello, add ciphersuite: c09f

client hello, add ciphersuite: c024

client hello, add ciphersuite: c028

client hello, add ciphersuite: 006b

client hello, add ciphersuite: c00a

client hello, add ciphersuite: c014

client hello, add ciphersuite: 0039

client hello, add ciphersuite: c0af

client hello, add ciphersuite: c0a3

client hello, add ciphersuite: c087

client hello, add ciphersuite: c08b

client hello, add ciphersuite: c07d

client hello, add ciphersuite: c073

client hello, add ciphersuite: c077

client hello, add ciphersuite: 00c4

client hello, add ciphersuite: 0088

client hello, add ciphersuite: c02b

client hello, add ciphersuite: c02f

client hello, add ciphersuite: 009e

client hello, add ciphersuite: c0ac

client hello, add ciphersuite: c09e

client hello, add ciphersuite: c023

client hello, add ciphersuite: c027

client hello, add ciphersuite: 0067

client hello, add ciphersuite: c009

client hello, add ciphersuite: c013

client hello, add ciphersuite: 0033

client hello, add ciphersuite: c0ae

client hello, add ciphersuite: c0a2

client hello, add ciphersuite: c086

client hello, add ciphersuite: c08a

client hello, add ciphersuite: c07c

client hello, add ciphersuite: c072

client hello, add ciphersuite: c076

client hello, add ciphersuite: 00be

client hello, add ciphersuite: 0045

client hello, add ciphersuite: c008

client hello, add ciphersuite: c012

client hello, add ciphersuite: 0016

client hello, add ciphersuite: ccac

client hello, add ciphersuite: ccad

client hello, add ciphersuite: 00ab

client hello, add ciphersuite: c0a7

client hello, add ciphersuite: c038

client hello, add ciphersuite: 00b3

client hello, add ciphersuite: c036

client hello, add ciphersuite: 0091

client hello, add ciphersuite: c091

client hello, add ciphersuite: c09b

client hello, add ciphersuite: c097

client hello, add ciphersuite: c0ab

client hello, add ciphersuite: 00aa

client hello, add ciphersuite: c0a6

client hello, add ciphersuite: c037

client hello, add ciphersuite: 00b2

client hello, add ciphersuite: c035

client hello, add ciphersuite: 0090

client hello, add ciphersuite: c090

client hello, add ciphersuite: c096

client hello, add ciphersuite: c09a

client hello, add ciphersuite: c0aa

client hello, add ciphersuite: c034

client hello, add ciphersuite: 008f

client hello, add ciphersuite: 009d

client hello, add ciphersuite: c09d

client hello, add ciphersuite: 003d

client hello, add ciphersuite: 0035

client hello, add ciphersuite: c032

client hello, add ciphersuite: c02a

client hello, add ciphersuite: c00f

client hello, add ciphersuite: c02e

client hello, add ciphersuite: c026

client hello, add ciphersuite: c005

client hello, add ciphersuite: c0a1

client hello, add ciphersuite: c07b

client hello, add ciphersuite: 00c0

client hello, add ciphersuite: 0084

client hello, add ciphersuite: c08d

client hello, add ciphersuite: c079

client hello, add ciphersuite: c089

client hello, add ciphersuite: c075

client hello, add ciphersuite: 009c

client hello, add ciphersuite: c09c

client hello, add ciphersuite: 003c

client hello, add ciphersuite: 002f

client hello, add ciphersuite: c031

client hello, add ciphersuite: c029

client hello, add ciphersuite: c00e

client hello, add ciphersuite: c02d

client hello, add ciphersuite: c025

client hello, add ciphersuite: c004

client hello, add ciphersuite: c0a0

client hello, add ciphersuite: c07a

client hello, add ciphersuite: 00ba

client hello, add ciphersuite: 0041

client hello, add ciphersuite: c08c

client hello, add ciphersuite: c078

client hello, add ciphersuite: c088

client hello, add ciphersuite: c074

client hello, add ciphersuite: 000a

client hello, add ciphersuite: c00d

client hello, add ciphersuite: c003

client hello, add ciphersuite: ccae

client hello, add ciphersuite: 00ad

client hello, add ciphersuite: 00b7

client hello, add ciphersuite: 0095

client hello, add ciphersuite: c093

client hello, add ciphersuite: c099

client hello, add ciphersuite: 00ac

client hello, add ciphersuite: 00b6

client hello, add ciphersuite: 0094

client hello, add ciphersuite: c092

client hello, add ciphersuite: c098

client hello, add ciphersuite: 0093

client hello, add ciphersuite: ccab

client hello, add ciphersuite: 00a9

client hello, add ciphersuite: c0a5

client hello, add ciphersuite: 00af

client hello, add ciphersuite: 008d

client hello, add ciphersuite: c08f

client hello, add ciphersuite: c095

client hello, add ciphersuite: c0a9

client hello, add ciphersuite: 00a8

client hello, add ciphersuite: c0a4

client hello, add ciphersuite: 00ae

client hello, add ciphersuite: 008c

client hello, add ciphersuite: c08e

client hello, add ciphersuite: c094

client hello, add ciphersuite: c0a8

client hello, add ciphersuite: 008b

client hello, got 137 ciphersuites (excluding SCSVs)

adding EMPTY_RENEGOTIATION_INFO_SCSV

client hello, compress len.: 1

client hello, compress alg.: 0

client hello, adding signature_algorithms extension

client hello, adding supported_elliptic_curves extension

client hello, adding supported_point_formats extension

client hello, adding encrypt_then_mac extension

client hello, adding extended_master_secret extension

client hello, adding session ticket extension

client hello, total extension length: 72

=> write handshake message

=> write record

output record: msgtype = 22, version = [3:3], msglen = 393

dumping ‘output record sent to network’ (398 bytes)

0000: 16 03 03 01 89 01 00 01 85 03 03 5e 86 9b f6 c6 …^…

0010: 4a 30 cb bf 02 98 8d 77 63 dd 9f 22 89 5b fe 8f J0…wc…".[…

0020: e9 a1 3a c7 65 f5 71 05 b3 59 d7 00 01 14 cc a8 …:.e.q…Y…

0030: cc a9 cc aa c0 2c c0 30 00 9f c0 ad c0 9f c0 24 …,.0…$

0040: c0 28 00 6b c0 0a c0 14 00 39 c0 af c0 a3 c0 87 .(.k…9…

0050: c0 8b c0 7d c0 73 c0 77 00 c4 00 88 c0 2b c0 2f …}.s.w…+./

0060: 00 9e c0 ac c0 9e c0 23 c0 27 00 67 c0 09 c0 13 …#.’.g…

0070: 00 33 c0 ae c0 a2 c0 86 c0 8a c0 7c c0 72 c0 76 .3…|.r.v

0080: 00 be 00 45 c0 08 c0 12 00 16 cc ac cc ad 00 ab …E…

0090: c0 a7 c0 38 00 b3 c0 36 00 91 c0 91 c0 9b c0 97 …8…6…

00a0: c0 ab 00 aa c0 a6 c0 37 00 b2 c0 35 00 90 c0 90 …7…5…

00b0: c0 96 c0 9a c0 aa c0 34 00 8f 00 9d c0 9d 00 3d …4…=

00c0: 00 35 c0 32 c0 2a c0 0f c0 2e c0 26 c0 05 c0 a1 .5.2.*…&…

00d0: c0 7b 00 c0 00 84 c0 8d c0 79 c0 89 c0 75 00 9c .{…y…u…

00e0: c0 9c 00 3c 00 2f c0 31 c0 29 c0 0e c0 2d c0 25 …<./.1.)…-.%

00f0: c0 04 c0 a0 c0 7a 00 ba 00 41 c0 8c c0 78 c0 88 …z…A…x…

0100: c0 74 00 0a c0 0d c0 03 cc ae 00 ad 00 b7 00 95 .t…

0110: c0 93 c0 99 00 ac 00 b6 00 94 c0 92 c0 98 00 93 …

0120: cc ab 00 a9 c0 a5 00 af 00 8d c0 8f c0 95 c0 a9 …

0130: 00 a8 c0 a4 00 ae 00 8c c0 8e c0 94 c0 a8 00 8b …

0140: 00 ff 01 00 00 48 00 0d 00 16 00 14 06 03 06 01 …H…

0150: 05 03 05 01 04 03 04 01 03 03 03 01 02 03 02 01 …

0160: 00 0a 00 18 00 16 00 19 00 1c 00 18 00 1b 00 17 …

0170: 00 16 00 1a 00 15 00 14 00 13 00 12 00 0b 00 02 …

0180: 01 00 00 16 00 00 00 17 00 00 00 23 00 00 …#…

=> flush output

message length: 398, out_left: 398

ssl->f_send() returned 398 (-0xfffffe72)

<= flush output

<= write record

<= write handshake message

<= write client hello

client state: 2

=> flush output

<= flush output

=> parse server hello

=> read record

=> fetch input

in_left: 0, nb_want: 5

in_left: 0, nb_want: 5

ssl->f_recv(_timeout)() returned -80 (-0x0050)

mbedtls_ssl_fetch_input() returned -80 (-0x0050)

ssl_get_next_record() returned -80 (-0x0050)

mbedtls_ssl_read_record() returned -80 (-0x0050)

<= handshake

mbedtls_ssl_handshake() failed, ret:-0x50.File: OneNETMqttClient.c, Line: 00263: NetworkConnect status: -1
=> write

=> handshake

client state: 2

=> flush output

<= flush output

=> parse server hello

=> read record

=> fetch input

in_left: 0, nb_want: 5

in_left: 0, nb_want: 5

ssl->f_recv(_timeout)() returned 0 (-0x0000)

mbedtls_ssl_fetch_input() returned -29312 (-0x7280)

ssl_get_next_record() returned -29312 (-0x7280)

mbedtls_ssl_read_record() returned -29312 (-0x7280)

<= handshake

mbedtls_ssl_handshake() returned -29312 (-0x7280)

=> write close notify

<= write close notify

=> free

<= free

PS:
1、my openssl command line is:
openssl s_client -connect 10.12.6.24:32517 -cert C:\Users\Administrator\Desktop\cert.pem -key C:\Users\Administrator\Desktop\pk.pem -tls1_2 -CAfile C: \Users\Administrator\Desktop\ca-chain.cert.pem -state -showcerts -status

2、my mbedtls code is:



mbedtls_net_init(&ssl->net_ctx);
mbedtls_ssl_init(&ssl->ssl_ctx);
mbedtls_ssl_config_init(&ssl->ssl_conf);
mbedtls_x509_crt_init(&ssl->cacert);
mbedtls_x509_crt_init(&ssl->clicert);
mbedtls_pk_init(&ssl->pkey);
mbedtls_ctr_drbg_init(&ssl->ctr_drbg);
mbedtls_entropy_init(&ssl->entropy);
if ((ret = mbedtls_ctr_drbg_seed(&ssl->ctr_drbg,
mbedtls_entropy_func,
&ssl->entropy,
(const unsigned char*)pers,
strlen(pers))) != 0)
{
printf( " failed\n ! mbedtls_ctr_drbg_seed returned %d\n", ret );
goto exit;
}
/*
* Load the Client certificate
*/
if (n->client_cert && n->client_pk) {
ret = mbedtls_x509_crt_parse(&ssl->clicert, (const unsigned char *)n->client_cert, n->client_cert_len);
if (ret < 0) {
DBG(“Loading cli_cert failed! mbedtls_x509_crt_parse returned -0x%x.”, -ret);
goto exit;
}
ret = mbedtls_pk_parse_key(&ssl->pkey, (const unsigned char )n->client_pk, n->client_pk_len, NULL, 0);
if (ret != 0) {
DBG(“failed! mbedtls_pk_parse_key returned -0x%x.”, -ret);
goto exit;
}
}
/

* Load the trusted CA
/
/
cert_len passed in is gotten from sizeof not strlen */
if (n->server_cert && ((ret = mbedtls_x509_crt_parse(&ssl->cacert,
(const unsigned char )n->server_cert,
n->server_cert_len)) < 0)) {
DBG(“mbedtls_x509_crt_parse() failed, value:-0x%x.”, -ret);
ret = -1;
goto exit;
}
/

* Start the connection
*/

snprintf(porta, sizeof(porta), "%d", port) ;
if ((ret = mbedtls_net_connect(&ssl->net_ctx, host, porta, MBEDTLS_NET_PROTO_TCP)) != 0) {
    DBG("failed! mbedtls_net_connect returned %d, port:%s.", ret, porta);
    goto exit;
}   
/*
 * Setup stuff
 */
if ((ret = mbedtls_ssl_config_defaults(&ssl->ssl_conf,
                                       MBEDTLS_SSL_IS_CLIENT,
                                       MBEDTLS_SSL_TRANSPORT_STREAM,
                                       MBEDTLS_SSL_PRESET_DEFAULT)) != 0) {        
    DBG("mbedtls_ssl_config_defaults() failed, value:-0x%x.", -ret);
    ret = -1;
    goto exit;
}
mbedtls_ssl_conf_max_version(&ssl->ssl_conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
mbedtls_ssl_conf_min_version(&ssl->ssl_conf, MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3);
mbedtls_ssl_conf_authmode( &ssl->ssl_conf, authmode );
mbedtls_ssl_conf_ca_chain(&ssl->ssl_conf, &ssl->cacert, NULL);
mbedtls_ssl_conf_rng(&ssl->ssl_conf, mbedtls_ctr_drbg_random, &ssl->ctr_drbg);
mbedtls_ssl_conf_dbg(&ssl->ssl_conf, mytls_debug, NULL);
if ((ret= mbedtls_ssl_setup(&ssl->ssl_ctx, &ssl->ssl_conf)) != 0) {
    DBG("mbedtls_ssl_setup() failed, value:-0x%x.", -ret);
    ret = -1;
    goto exit;
}  
//mbedtls_ssl_set_hostname
mbedtls_ssl_set_bio(&ssl->ssl_ctx, &ssl->net_ctx, mbedtls_net_send, mbedtls_net_recv, mbedtls_net_recv_timeout);
/*
* Handshake
*/
while ((ret = mbedtls_ssl_handshake(&ssl->ssl_ctx)) != 0) {
    if (ret != MBEDTLS_ERR_SSL_WANT_READ && ret != MBEDTLS_ERR_SSL_WANT_WRITE) {      
        DBG("mbedtls_ssl_handshake() failed, ret:-0x%x.\r\n", -ret);
        ret = -1;
        goto exit;
    }
}...



the openssl log is:
openssl s_client -connect 10.12.6.24:32517 -cert C:\Users\Administrator\Desktop\cert.pem -key C:\Users\Administrator\Desktop\pk.pem -tls1_2 -CAfile C: \Users\Administrator\Desktop\ca-chain.cert.pem -state -showcerts -status
CONNECTED(00000130)
SSL_connect:before SSL initialization
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS write client hello
SSL_connect:SSLv3/TLS read server hello
depth=1 C = CN, ST = ChongQing, O = edge, CN = edge
verify return:1
depth=0 C = CN, ST = ChongQing, O = edge, CN = edgemqtt
verify return:1
SSL_connect:SSLv3/TLS read server certificate
SSL_connect:SSLv3/TLS read server key exchange
SSL_connect:SSLv3/TLS read server certificate request
OCSP response: no response sent
SSL_connect:SSLv3/TLS read server done
SSL_connect:SSLv3/TLS write client certificate
SSL_connect:SSLv3/TLS write client key exchange
SSL_connect:SSLv3/TLS write certificate verify
SSL_connect:SSLv3/TLS write change cipher spec
SSL_connect:SSLv3/TLS write finished
SSL_connect:SSLv3/TLS write finished
SSL_connect:SSLv3/TLS read server session ticket
SSL_connect:SSLv3/TLS read change cipher spec
SSL_connect:SSLv3/TLS read finished

Certificate chain
0 s:C = CN, ST = ChongQing, O = edge, CN = edgemqtt
i:C = CN, ST = ChongQing, O = edge, CN = edge
-----BEGIN CERTIFICATE-----
MIIFDDCCAvSgAwIBAgICEAEwDQYJKoZIhvcNAQELBQAwPzELMAkGA1UEBhMCQ04x
EjAQBgNVBAgMCUNob25nUWluZzENMAsGA1UECgwEZWRnZTENMAsGA1UEAwwEZWRn
ZTAeFw0yMDA0MDIwNzE0MjNaFw0zMDA3MDkwNzE0MjNaMEMxCzAJBgNVBAYTAkNO
MRIwEAYDVQQIDAlDaG9uZ1FpbmcxDTALBgNVBAoMBGVkZ2UxETAPBgNVBAMMCGVk
Z2VtcXR0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsweQRU182TnQ
r+bsNfbwXGhlj5T2q8mvNoEyNqxORF/05TJGbxEfS028CkMDVStg0dwmvkey3p5h
pVCVav9fAeIf2gsjT/nbgNbFmVCzg/8REHuOMNLV4ajoD9uhXfxQLYHCVlBbAWDB
mz8TaJEp93/Z54pNDC7XZe3Ua4v2bnOQxOp861uDL+AR780XljoQ9PGcLBiDRMMV
5hnyxPziaaeG9dZp+p0exahnIUaH0D9Jp2ffUb6j9mHKLLgDIoP0e0Da1pCVOVSl
xIchvKQJPW/ekEsEDLys5ThtoDhXN4SogJZ/d+zX8vHhGxvYoTmOghnHW7mUGAbu
VXeg5mokCQIDAQABo4IBDDCCAQgwCQYDVR0TBAIwADARBglghkgBhvhCAQEEBAMC
BkAwMwYJYIZIAYb4QgENBCYWJE9wZW5TU0wgR2VuZXJhdGVkIFNlcnZlciBDZXJ0
aWZpY2F0ZTAdBgNVHQ4EFgQUGADp5yT4+gxa78jxB1ZgdqQgqd8wbwYDVR0jBGgw
ZoAU+r8aKJSSb1JDfs/xlOw/Tnn4ituhQ6RBMD8xCzAJBgNVBAYTAkNOMRIwEAYD
VQQIDAlDaG9uZ1FpbmcxDTALBgNVBAoMBGVkZ2UxDTALBgNVBAMMBGVkZ2WCCQCB
wnEGC0GO7DAOBgNVHQ8BAf8EBAMCBaAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDQYJ
KoZIhvcNAQELBQADggIBAGjMG1RnD6Qk/n6JtRuQITfPRU/MwYSsVzVhfyFrU6NZ
78sDAfD9FqoEThw4f1YLzlkfyUgxlqMzLQsYoAVCEkBrsUoUVQ8YWj/ybVdaxTRb
kkS9bacJFP+zxqq8jr3xCH0vCTw6lL/aQwwlhZNQPvHa/KH0tC1JdMKK7FZkAGBY
RvNBfkB6DEsyoBYFh01enZpE9+wBn/7I7GRt2/TWPlRQuMo/tk50gv9ys+aRiCDM
0vK4aVxSpVXWg0fXms/tDxl3EkZLkvjtdVqgJHx1saEyOEabPolYsB/ZsFQuUfIp
rpr0PhEyvTkEBUGlYKY/YO1ImdVX7IQegDT84VBt+swtiVthNl7Eyw/0uq0eSfAZ
IpyTOKzBIS9hBwJnQ0dhvsM1p6zBG1pBPG3mqdVUJptl1fNCFhxKY+BEDH5KmPH2
rby9uAp1n4Ybai0DW9TdTH6Vk65FmUZ8wieooT6EzLD4E5iH27jsxNpW09wBaSte
7PH5zVrT5sA136lSP3HaIr7FtoSgpH9rzvnouQCQAT2IGUc7PlwsGBbOSai2wFnB
J8uW5qn337SxPos/Qh1O6vZ806sLyM+gZnfwllQST/RQM+DCpmSbDhylN6JI3++9
dt4dvfd463vYHRoggJnRXMuXtMGnXXgbnGOweHv+w1YOWH+DXcmIXO4IUE5tEmkr
-----END CERTIFICATE-----

Server certificate
subject=C = CN, ST = ChongQing, O = edge, CN = edgemqtt

issuer=C = CN, ST = ChongQing, O = edge, CN = edge


Acceptable client certificate CA names
C = CN, ST = ChongQing, O = edge, CN = edge
Client Certificate Types: RSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA256:ECDSA+SHA256:RSA+SHA384:ECDSA+SHA384:RSA+SHA512:ECDSA+SHA512:RSA+SHA1:ECDSA+SHA1
Shared Requested Signature Algorithms: RSA+SHA256:ECDSA+SHA256:RSA+SHA384:ECDSA+SHA384:RSA+SHA512:ECDSA+SHA512:RSA+SHA1:ECDSA+SHA1
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: X25519, 253 bits

SSL handshake has read 4508 bytes and written 3134 bytes
Verification: OK

New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: 3F1C5C7F42CE6621A576DDF08937AF2AF2F1BE4C647EDC0CF21BF322FF379497
Session-ID-ctx:
Master-Key: 628D9F7E5DC6E08922C338C19AE57ABF8EF673E542A0A4960F076C19D1B4C45C41B499D6FED088735DA9E596728298B6
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket:
0000 - 29 0d d9 e5 a9 5c 42 b0-b0 09 70 e3 0f 80 a5 52 )…\B…p…R
0010 - 6f 8a 25 58 8d fc b3 82-0c f7 33 04 f2 2c f0 78 o.%X…3…,.x
0020 - 60 21 d3 e6 a1 4b 24 7a-04 60 3b 94 f9 4e a1 c1 !...K$z.;…N…
0030 - 4e b2 43 ff 05 bf f3 9b-b7 e2 d6 cd ab 8e ff f1 N.C…
0040 - 08 f0 59 b2 02 14 4c 62-57 bb 72 d5 7b 87 39 9c …Y…LbW.r.{.9.
0050 - 04 3e 06 ab 62 05 c7 04-86 d6 de 0c 2f 6d 64 8c .>…b…/md.
0060 - a2 5e 0c c5 54 3a bc 81-62 6e ee 0f 4b e4 4b 2b .^…T:…bn…K.K+
0070 - bb 68 76 c2 3c 3a fc 4f-ac 60 ef 22 11 d4 68 97 .hv.<:.O.."..h. 0080 - 4c 5c c1 85 fe 5f 13 bf-60 55 78 57 c2 c0 85 59 L\..._..UxW…Y
0090 - c7 f9 5c 63 cd 21 cd 38-89 d3 a2 7f 92 18 d6 cf …\c.!.8…
00a0 - bf 1b a7 fb de 0e 9c 07-5d 81 18 be bf 4e 60 69 …]…Ni 00b0 - 1a 76 76 43 db b3 6e d9-fd dd 01 53 81 73 3b 0d .vvC..n....S.s;. 00c0 - db 9c e3 11 c9 84 e5 d0-f7 a1 65 92 3f ed ad 89 ..........e.?... 00d0 - 7e 8b 4c a4 44 ff 12 88-1f 2e 72 8f 3e 7a 96 01 ~.L.D.....r.>z.. 00e0 - 29 63 01 6f b5 5a 63 57-88 81 20 9b 8b 8d 52 fb )c.o.ZcW.. ...R. 00f0 - 4d c0 ce db 01 81 8f f9-c5 37 b0 38 df b4 93 e1 M........7.8.... 0100 - d1 35 7d 91 f1 c4 96 69-46 5b 4a 58 b6 16 ae 7f .5}....iF[JX.... 0110 - d1 0a 22 79 44 cb 5d b7-7f a1 13 ad ce 75 2f 29 .."yD.]......u/) 0120 - 83 7b 72 83 23 1e 3b bd-e4 3c 74 a3 80 79 8a 25 .{r.#.;..<t..y.% 0130 - 79 a9 aa f2 f6 99 07 5f-86 41 b6 1b ef 04 22 03 y......_.A....". 0140 - 61 40 97 eb 17 58 07 b7-59 13 b3 12 e2 dc fa c3 a@...X..Y....... 0150 - 9a 5d b6 e2 60 7d 4e a2-02 e9 d0 a8 7f 7b 53 73 .]..}N…{Ss
0160 - 00 eb 26 00 ac 6e 0a 1a-c6 3d 04 a2 a3 a1 10 57 …&…n…=…W
0170 - c0 ca 72 4d 00 e0 1a ca-04 fe f1 5c d9 b2 15 12 …rM…
0180 - f8 5f 62 54 c2 1c 85 4a-5d 37 bb 29 d2 18 93 a9 .bT…J]7.)…
0190 - 31 78 6c 6a 65 15 a1 5c-0e 97 69 44 b1 30 82 dd 1xlje…iD.0…
01a0 - f1 df 95 5f 06 b1 62 d1-c2 b6 3e f3 80 a2 ce f5 …
…b…>…
01b0 - 61 0a 2f c4 e6 f0 62 bd-2c 0d 1e ec 61 fd 98 6d a./…b.,…a…m
01c0 - 49 63 8b 1e a0 ff 8a 11-2c 84 eb 12 7f db 4d 88 Ic…,…M.
01d0 - 3d 2c be d8 4f d4 e5 00-6b b2 cc 24 2a 81 ab 61 =,…O…k…*..a 01e0 - 42 cb 02 bd e5 8d 49 de-81 22 d5 dc 4e c0 c4 29 B.....I.."..N..) 01f0 - 0f 6a 78 30 92 c8 0d af-8c b6 1b bf 57 2a 33 24 .jx0........W*3
0200 - ae f5 0a 2c ea 1e eb e3-aa bc d7 55 56 4c 07 20 …,…UVL.
0210 - f0 bf ce 31 f5 f1 e0 a0-7b 3b 8c 15 e3 43 3d 1c …1…{;…C=.
0220 - 92 90 65 43 1a ee c7 63-0b a3 52 60 82 45 05 6c …eC…c…R.E.l 0230 - 8b e9 92 83 c1 80 4a ee-14 27 1a 18 cd 07 a6 59 ......J..'.....Y 0240 - 3b 4c 74 77 23 ec ba 85-ea 34 e6 04 bf d3 53 97 ;Ltw#....4....S. 0250 - 3d ef 96 a7 3a 15 b4 99-17 b7 09 de ed 6d 99 15 =...:........m.. 0260 - 1c aa da 59 83 e3 4b 04-2a 5f fb 17 66 41 1d 6b ...Y..K.*_..fA.k 0270 - 3b 83 1e 4c 6f 96 ca d4-22 0d 20 0c 55 3d 2d b7 ;..Lo...". .U=-. 0280 - 62 8b a5 d0 84 e5 70 37-b3 2b 35 a6 1e e9 9f 98 b.....p7.+5..... 0290 - 13 83 36 c6 41 de ca 4d-6e 8e 21 03 e3 0f 41 7c ..6.A..Mn.!...A| 02a0 - 3f 4b 48 52 b2 1d 07 ab-26 4a e4 3d f6 b1 c6 74 ?KHR....&J.=...t 02b0 - 41 11 81 e0 f2 0d 35 be-dc fd 94 60 97 16 2b 56 A.....5....…+V
02c0 - 03 b2 b3 ad 18 9d f4 8d-fb 6a 7a eb 27 38 5d b0 …jz.‘8].
02d0 - 98 be 9f e0 d8 e4 23 7c-0c e0 c3 66 b8 37 a2 94 …#|…f.7…
02e0 - a8 bc f2 76 b0 53 38 b1-63 e1 c9 07 e7 45 00 f9 …v.S8.c…E…
02f0 - e0 42 01 d5 75 d8 91 89-97 ec f7 fa 3a 4f 91 8f .B…u…:O…
0300 - c0 4c 61 09 b0 52 fa 5f-d1 11 a5 ba 84 bd 29 e3 .La…R.…).
0310 - a0 f8 0e 14 3c 8a 9a 90-d8 bc df ae 74 15 cb df …<…t…
0320 - 54 37 de 20 01 6d 8f df-75 9c 20 84 17 4a d3 15 T7. .m…u. …J…
0330 - 19 e4 b1 38 6b 38 9a ae-3d f2 49 d1 92 9c 13 28 …8k8…=.I…(
0340 - 1a 49 e0 8e c9 ce dd 60-88 21 66 e3 73 2d b8 df .I….!f.s-.. 0350 - b5 67 fe 08 fa f1 6c ab-7a b2 b9 cd 1e 41 4f 21 .g....l.z....AO! 0360 - dc 03 91 6f e4 3e 86 77-7b 90 1e 8a 91 2b ff f0 ...o.>.w{....+.. 0370 - b6 a0 8c 3e 1a 77 b0 6b-17 f0 6e f6 f8 13 e1 4f ...>.w.k..n....O 0380 - b6 04 19 d1 62 ff 92 ba-9a 29 54 c9 74 a0 2f e5 ....b....)T.t./. 0390 - 47 b5 10 51 dc 04 09 00-73 c4 d3 3f 8c d9 48 70 G..Q....s..?..Hp 03a0 - bd 75 c8 11 91 7e 42 b8-3e 6e 5f ef bb 67 71 1c .u...~B.>n_..gq. 03b0 - ea 6c 0a 9b 32 b4 3d 24-29 77 5c f7 a5 1e 88 bd .l..2.=$)w\..... 03c0 - 82 31 26 35 09 76 ae 35-10 96 e5 1b 47 20 73 46 .1&5.v.5....G sF 03d0 - c5 54 23 f3 39 21 15 3b-3c 34 f8 cf b7 88 0e 05 .T#.9!.;<4...... 03e0 - 05 f9 74 0a df 31 f4 11-47 92 7e 95 fe b0 ee ea ..t..1..G.~..... 03f0 - 52 23 d4 05 48 df b4 90-ac 36 9c 58 ee 55 5a a6 R#..H....6.X.UZ. 0400 - 3e b5 c6 b9 36 ad cd 41-72 a8 69 1b c6 55 15 b5 >...6..Ar.i..U.. 0410 - a1 c9 13 0c e9 6e 79 46-f7 dc 8b 50 62 be 62 b7 .....nyF...Pb.b. 0420 - 0c 54 e3 58 1d 81 d6 d3-f8 5f 95 ba 2a 0e 5d 7e .T.X....._..*.]~ 0430 - 9a 8a 1f 2e c8 94 90 95-e6 bc 20 99 f2 73 86 ba .......... ..s.. 0440 - 71 25 7e 29 04 4e f5 46-02 26 6e 39 5c 64 7d d9 q%~).N.F.&n9\d}. 0450 - 1c 43 a4 eb 42 9b 88 64-3f a1 0d 70 ff 47 fd fb .C..B..d?..p.G.. 0460 - 2f c3 be b6 1b 0d 60 86-6d 11 d1 f5 e7 90 81 bc /......m…
0470 - 03 5b 6d 29 f6 4b 34 7a-49 62 32 3e a6 06 49 ec .[m).K4zIb2>…I.
0480 - 55 3c 99 98 41 e8 b8 6c-44 2e 08 90 77 cd 40 af U<…A…lD…w.@.
0490 - 82 8f 16 21 17 e6 47 27-78 60 13 62 61 07 d2 33 …!..G’x.ba..3 04a0 - 7b 9a 55 e5 b8 62 0f bc-7a 5b 87 62 a2 4c 87 76 {.U..b..z[.b.L.v 04b0 - f3 53 50 46 6d 6d e6 32-ef 7f da f3 f2 d5 a5 45 .SPFmm.2.......E 04c0 - 56 b0 0d 84 7f 76 ff 45-dd 92 0a 6b 91 dd 53 e6 V....v.E...k..S. 04d0 - f7 26 95 34 1d 20 9c 21-9c 66 a3 be 73 fb 24 70 .&.4. .!.f..s.$p 04e0 - 8f ae 08 6d 54 d9 7d fe-dd aa 41 9b ea 0e 12 3c ...mT.}...A....< 04f0 - 0f b2 66 73 f2 e7 b3 c7-f9 95 af 66 6f 94 24 fd ..fs.......fo.$. 0500 - cc 5c 03 2f 79 e6 7a d2-2a d3 ce de 1f 74 4c d8 .\./y.z.*....tL. 0510 - 6f c6 40 ee cb 47 10 ad-f8 08 19 d4 6b da a4 76 o.@..G......k..v 0520 - 79 77 6d 71 f5 89 dc ef-e6 25 e5 4b a9 ff 90 d4 ywmq.....%.K.... 0530 - 6b 2e 25 33 e0 0c 39 b6-c4 ab 84 f0 16 ff c8 10 k.%3..9......... 0540 - 3f b2 70 67 e0 1b c9 58-ad 61 aa 7e 57 e0 fa 76 ?.pg...X.a.~W..v 0550 - 43 69 fb 87 2d 02 38 57-95 c0 a2 8f 2f 12 17 e2 Ci..-.8W..../... 0560 - f1 f4 3b 41 99 47 ee 2a-6e 09 62 b4 83 92 aa be ..;A.G.*n.b..... 0570 - c9 b5 79 06 32 15 21 0a-55 a2 2c 72 03 97 ec f3 ..y.2.!.U.,r.... 0580 - 36 46 e0 ad b3 77 05 63-91 e8 8f 0d 5e 67 9e da 6F...w.c....^g.. 0590 - 25 86 20 c7 74 58 30 99-f1 cb e6 42 cd 12 c9 92 %. .tX0....B.... 05a0 - 4a a0 55 b4 44 86 1c f4-c8 09 dc 4a 5a 87 44 16 J.U.D......JZ.D. 05b0 - 00 c1 3e 2e 15 ca f9 1c-78 ab c9 e7 e1 46 47 58 ..>.....x....FGX 05c0 - 8e 15 b0 aa c3 c5 cb c5-9a e4 d1 ea 17 99 a6 00 ................ 05d0 - 25 a4 72 d4 2f d1 e6 8c-e9 96 7e a3 c0 cd 28 af %.r./.....~...(. 05e0 - f3 a2 2d 91 12 e4 b5 6c-50 69 80 c1 98 6f 65 8f ..-....lPi...oe. 05f0 - 36 10 07 84 74 eb 3f cb-b9 2a 76 00 a4 a5 10 88 6...t.?..*v..... 0600 - 4a 41 87 58 d5 7e f5 be-4b 2f 54 24 21 66 0d fe JA.X.~..K/T$!f.. 0610 - 44 bf 0a 14 d6 46 c6 b7-fc cf dd 9d 8a b2 81 1b D....F.......... 0620 - 46 e0 c3 06 5c c4 42 14-9a 97 ea 5a 14 f4 6c 8d F...\.B....Z..l. 0630 - fe 1f 76 6c 18 dc 27 19-01 3a 17 67 fe d8 30 04 ..vl..'..:.g..0. 0640 - df a9 b4 ef 82 75 c4 39-b3 e2 40 7e ef 22 57 32 .....u.9..@~."W2 0650 - 37 f8 cc 07 f6 29 73 a6-2e 5a ea 5b 0d d4 61 52 7....)s..Z.[..aR 0660 - ae fa be a9 d6 4d 70 4a-39 65 78 5c 94 9f d6 22 .....MpJ9ex\..." 0670 - a8 0b 56 68 c9 06 d0 1f-1b 56 5a 9b 02 89 7e 37 ..Vh.....VZ...~7 0680 - b7 e6 ae b4 0f 07 65 9e-1a 9c be 49 a8 bf e5 7a ......e....I...z 0690 - 86 9f a5 1c ac 37 d9 06-03 8f f4 bd 28 b1 c8 cb .....7......(... 06a0 - 7c 92 5f 56 ed e1 ad 9b-a2 a7 e2 e4 09 1a f6 ef |._V............ 06b0 - 35 14 ec 8c eb f5 94 bf-47 30 82 17 60 a2 51 56 5.......G0...QV
06c0 - 32 6e 97 47 0e 26 f4 75-f1 74 a5 cd 19 7d aa 97 2n.G.&.u.t…}…
06d0 - 9b c4 7a b1 e6 b0 13 90-d1 7d 20 c6 d8 7e c1 9d …z…} …~…
06e0 - c2 0d 1e b4 b4 ec 70 92-87 63 c1 ee 8d 6d f2 22 …p…c…m."
06f0 - 68 58 0e f1 f3 32 c4 0f-37 d8 3c 45 0c ed 25 d8 hX…2…7.<E…%.
0700 - fc 50 c2 71 54 fe 2d fa-3d e5 ef c2 8c 62 19 5a .P.qT.-.=…b.Z
0710 - 6e b4 75 04 57 56 c9 e6-a3 d4 42 43 9f a9 16 53 n.u.WV…BC…S
0720 - 70 00 20 e4 18 b8 a4 4d-5b 66 25 33 24 c1 20 61 p. …M[f%3$. a
0730 - 0a 78 f7 e6 a5 23 36 07-4a 7c aa af f6 ed 16 31 .x…#6.J|…1
0740 - c2 38 ed 0f 0e d7 db 58-6e 18 47 9d bf 66 0d c4 .8…Xn.G…f…
0750 - bc 74 0a 03 07 82 cc 4b-51 b3 5e 6f 01 b3 18 3a .t…KQ.^o…:
0760 - ea 99 02 c2 16 a5 4d 34-aa 1b 1b bb 30 11 f8 ef …M4…0…
0770 - 52 56 da 2f de 03 03 e7-63 9e 42 ad 7a fd 23 c6 RV./…c.B.z.#.
0780 - da f5 8c 85 4a 07 10 33-b9 b6 c0 e5 cf 55 01 3a …J…3…U.:
0790 - 02 37 4f e3 16 b8 8b 89-f0 a1 aa 68 ee 89 4e 40 .7O…h…N@
07a0 - 1e ea 14 2a 63 ee 4d 71-25 f3 84 01 71 3d f1 a9 …c.Mq%…q=…
07b0 - 3b 6f 16 ef 0b ac 20 48-11 b4 eb 1e 2a 9d 8f d5 ;o… H…

07c0 - 14 80 bc e2 e6 86 bb b6-26 07 9b 5f d7 c2 19 19 …&…

07d0 - 09 81 99 19 18 68 ee 66-49 fb d6 a9 b4 c2 07 97 …h.fI…
07e0 - 28 e6 57 4d c7 a2 9f 38-65 8a f4 f3 60 26 9e 0e (.WM…8e…&.. 07f0 - 67 28 3d b2 50 5b d0 a6-30 0f 9a 55 4f 25 cc 73 g(=.P[..0..UO%.s 0800 - e1 7f 04 03 de ef f2 92-40 32 23 79 a6 b0 d0 fd ........@2#y.... 0810 - b4 b8 ff 0a 18 9c 10 04-2d 62 c0 9d e5 41 a7 a4 ........-b...A.. 0820 - bc f3 6c 9b 08 01 18 b7-05 9a 6c a1 29 13 cc 74 ..l.......l.)..t 0830 - 30 63 4f e3 bf e3 47 f7-a0 a7 f1 b0 e2 94 65 65 0cO...G.......ee 0840 - 18 45 55 36 60 76 60 be-c6 c7 ee ed 43 7c 12 88 .EU6v.....C|.. 0850 - e1 23 56 d3 7c ff 46 05-b4 e5 d6 1c 70 7b ac ac .#V.|.F.....p{.. 0860 - e9 7b 96 fe 33 94 68 9a-54 c1 db 3d 15 a4 eb 64 .{..3.h.T..=...d 0870 - ec 91 81 d0 d2 f7 e8 69-8d ce 4e 04 39 a0 cb 86 .......i..N.9... 0880 - ed 40 aa 02 c6 59 27 e7-63 cd f2 32 15 0a b2 48 .@...Y'.c..2...H 0890 - c6 2e 55 e2 f4 2d 7c c6-dd 50 3c d9 8d af 02 7d ..U..-|..P<....} 08a0 - c7 77 10 4b 26 ec b5 dd-92 2d 02 d8 25 b5 20 1d .w.K&....-..%. . 08b0 - 24 37 4c dd 43 54 bf 5c-64 f5 e1 15 8c 12 d8 ae $7L.CT.\d....... 08c0 - 77 a4 be 26 e7 69 f2 50-c8 be 43 db 24 0b 6d 45 w..&.i.P..C.$.mE 08d0 - 84 54 73 25 3a 0c a1 d3-2a 22 0c ba a1 b2 c0 10 .Ts%:...*"...... 08e0 - 06 85 59 87 0e 9f d9 1b-42 19 da 85 75 13 d5 f7 ..Y.....B...u... 08f0 - 7f 61 60 d1 ee 49 92 e8-e9 fb 52 79 d2 8e 6a 8c .a…I…Ry…j.
0900 - 59 48 be 2d 44 42 b3 51-a8 b7 d2 11 4e 9b 80 ac YH.-DB.Q…N…
0910 - 6a 54 f1 9d 9a 76 5e 3f-ac bc bb 17 86 86 3c c7 jT…v^?..<.
0920 - 70 54 3c 0f d8 af 2f c6-78 5c 0a 02 c9 46 b0 25 pT<…/.x…F.%
0930 - 8c ea ac c2 53 8e a0 60-34 f3 2e 1c a6 bf d3 e2 …S…4....... 0940 - 2a 29 fc 9a 71 06 bc f9-8a ac 87 cc 78 da 1b 32 *)..q.......x..2 0950 - 75 84 04 0e ea e1 08 8e-d9 66 68 dd 1c 2f f1 7a u........fh../.z 0960 - 01 d6 46 49 7e 4b 2d 04-b5 4b c7 9f f9 14 75 8c ..FI~K-..K....u. 0970 - f9 80 9a 70 e0 08 a9 0f-1e 2c d2 c6 78 3c 51 bc ...p.....,..x<Q. 0980 - ba ee 86 bd 56 e6 61 12-83 22 40 1b cb 39 f5 e8 ....V.a.."@..9.. 0990 - 97 30 1f e8 c8 2c 2b ce-04 79 9a f4 1d a9 a9 0c .0...,+..y...... 09a0 - f0 b6 ad a9 87 c5 fa ec-76 e3 bd f3 ba dc 60 14 ........v......
09b0 - 64 95 26 41 ce 4a 81 a5-c0 0e fd e0 79 ef ab 37 d.&A.J…y…7
09c0 - 69 8c 2b f3 e2 fd c0 42-64 b1 a8 18 0f 8e 43 b3 i.+…Bd…C.
09d0 - 5c 50 e4 67 97 d3 12 6f-33 ff 64 ce df ec 1b f4 \P.g…o3.d…
09e0 - 5e 92 13 e0 05 b1 c4 f6-7f a8 30 35 7f 34 90 43 ^…05.4.C
09f0 - 66 25 f8 38 23 e8 3d f9-23 1c e1 c9 f6 cf 27 0c f%.8#.=.#…’.
0a00 - 80 64 8c ed 70 c2 ef 78-62 89 31 20 90 af e0 f0 .d…p…xb.1 …
0a10 - 1e e9 60 0f a9 79 8e 69-bf 3d a2 e9 8b 87 97 2d …`…y.i.=…-
0a20 - 31 4d 04 29 9a 41 fa 61-24 86 de 3e e4 aa 13 7e 1M.).A.a$…>…~
0a30 - 1c 57 ac 15 e5 f9 e0 4e-37 b5 9c 2d 73 e1 d7 cf .W…N7…-s…
0a40 - db 86 61 4d 1e 8c af 7b-d5 be b0 38 6f b8 64 65 …aM…{…8o.de
0a50 - c9 e5 70 77 4c 8d 5c cb-a7 63 0c 27 34 91 a9 37 …pwL…c.'4…7
0a60 - d9 99 78 10 …x.

Start Time: 1585882428
Timeout   : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: no

Hi @cqcsdzmt
As mentioned in this anouncement, Mbed TLS is now maintained under open governance at TrustedFirmware.org.
I would suggest you post your question there, as it doesn’t seem your question is Pelion related.

At a glance, the error -0x7280 means: `-0x7280 - SSL - The connection indicated an EOF" . Since this was received after your client sent the Client hello message, I would say that the server can’t establish a successful TLS handshake with the parameters given in your client hello. Most likely no matching ciphersuite, and it is probably a configuration issue.
Regards,
mbed Support
Ron

thanks for your reply。
I send a email to ‘mbed-tls@lists.trustedfirmware.org’.
Although you’re not in charge of mbedtls now, I’ll sync you a message

I change an server ip,which you also can acess,it has the same problem,the log is same。and it seem that it’s my problem
Can you connect it use your device。

ip:x509.itls.cn-shanghai.aliyuncs.com:1883 (101.133.196.106)
the cer is:
-----BEGIN CERTIFICATE-----
MIIDhzCCAm+gAwIBAgIHZ9OnbZDdnDANBgkqhkiG9w0BAQsFADBTMSgwJgYDVQQD
DB9BbGliYWJhIENsb3VkIElvVCBPcGVyYXRpb24gQ0ExMRowGAYDVQQKDBFBbGli
YWJhIENsb3VkIElvVDELMAkGA1UEBhMCQ04wIBcNMjAwNDAxMDkxNDMxWhgPMjEy
MDA0MDEwOTE0MzFaMFExJjAkBgNVBAMMHUFsaWJhYmEgQ2xvdWQgSW9UIENlcnRp
ZmljYXRlMRowGAYDVQQKDBFBbGliYWJhIENsb3VkIElvVDELMAkGA1UEBhMCQ04w
ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfniNwg0L3ms6Yntb4BGku
ZmtGwPj54RMiTYHrZzF6uMiI09evz0bb6ypeRFosp2/hqi+/ltYHplprHFNtlJtr
alWP8wn8xk4ZE0g9mY33GMoPM+x/G1WSL2QObZFpKJWjWR2P6g/mZfXOMTw1bzMv
k6Xmogz7+ot8SMR91VjTiUmPAj75hQVW3R7DP78j739hKrpMOCW0C0J4ODOGQfKb
XlymqOgjFJXoTCpRDqrmqpxfe4XNLYPmJWfjpFxiyowRaV5AgEgROlNtZW89viNP
2Ftso+9iU2R4OF2nuc+dQcgiQq2jSvVCqshbbtcfCJFmQmPltGtrpcjojb3f9/TX
AgMBAAGjYDBeMB8GA1UdIwQYMBaAFIo3m6hwzdX5SMiXfiGfWW9JjiQRMB0GA1Ud
DgQWBBSxfKYMhb5vhWQt2gSpZkpn6hcbTzAOBgNVHQ8BAf8EBAMCA/gwDAYDVR0T
AQH/BAIwADANBgkqhkiG9w0BAQsFAAOCAQEAcIdrjxByDr2qa/NcD9QDrtWcRGgW
HZDjmltnkQliLIJcmrj1fAj5xtICE4x6nEgWluBbhIEHraq7X21///ubxJIBKAV+
FNLo+g1rIQUO2J+07DbyK6xfCK9CPSXLS2ORhwWM6HfzYk+6lYQrUeRSNUSEBZZd
IuEydvbVx9HuXuxeE+OJnvyD2jMeqvg7C8kFwoyr9izvjih19+zx8D1w7QoGkdXZ
wMzjnB0bjePc+olHfn+8iVLajG636twSl8R6pw8Lgr9KbVYVBYXgwWw/F6ctajnK
ZmsgUjOTMnwUuGUWZxKuHgZ0TakxuwZAi89uc/N4OZkGQ116z1nGtBHagw==
-----END CERTIFICATE-----

the key is:
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEA354jcINC95rOmJ7W+ARpLmZrRsD4+eETIk2B62cxerjIiNPX
r89G2+sqXkRaLKdv4aovv5bWB6ZaaxxTbZSba2pVj/MJ/MZOGRNIPZmN9xjKDzPs
fxtVki9kDm2RaSiVo1kdj+oP5mX1zjE8NW8zL5Ol5qIM+/qLfEjEfdVY04lJjwI+
+YUFVt0ewz+/I+9/YSq6TDgltAtCeDgzhkHym15cpqjoIxSV6EwqUQ6q5qqcX3uF
zS2D5iVn46RcYsqMEWleQIBIETpTbWVvPb4jT9hbbKPvYlNkeDhdp7nPnUHIIkKt
o0r1QqrIW27XHwiRZkJj5bRra6XI6I293/f01wIDAQABAoIBAEBb1TtWq/lzdq56
WMh9DICsPYfZlk7ktosS36eOxbDaaezne5ZAA9bbsg/7gDCF6C98uc1cbjE5caCO
QHyzXp/ltMZ/Xop/0I5q/EmuXiuV2OHTQee7SD+QoC1+33Dym06uIVIAPZ9EDSDR
DtEaNhMlXYQpc686Btc4YkUNGEmZGfc1847Kl2UMJnDeBorP0Zpy0kXbikxuZke8
VZIgea9eBN+/OzP7UhvO8tQn0qdqJG84SjdHpENRlahgeef4XFnXUWDni+H2pKLd
tBVY5Hd9YXO9TmTgOdEvcMq2Dj9vyLG6i23HMKlSa+DF+jfpxwKINtNB4EjpDti3
IYvgVGECgYEA738TTSLWkecq3/vTiH0SyE5LZs/+IxTih+maEZFHtVRixxoRA7B/
Zf8NwAth0A25sahl7MASVm9+JvjfMyXCFHjpXUewlgSuGoRTNm2LaRjatKt7AuTU
qXwXwAxFy7XvcFQNjp6RG1DnjJqKDZl+ImvWDSgk9QrYAJwgt/VwFO8CgYEA7wbz
HVBlPVeZHcja48SpdexZOO2/XoGdyx0JY9uK3jEwkSerJu9pzxkxnxSWzXLJEhxL
5QHlvHmWRmaaBkwfLsqWDkUMN5RfLnB2pM6cS4OmJtyJ0/L31wGKC5hECbE44TDH
k8oxqUthEAHoI8Bj4DGeWQccz2bI2GzrDTRPrpkCgYB+gcd2RWLGKy/QpLr2K+sR
95mIs3FwooWOeWyyvuT7+Zk7xp8aLc79154xxVFjjvx5xZQhXMvS8I3YlDmCUP2V
xtCuP0Id3FcDFsbFx1OOrlxIdxRBURKsfConfdQYaQATe7K1lTjdDv1gnfkyedPQ
5tlolb3/2jyDBfWadoE/7QKBgB3hr4jtoQpvJgwsLPkmf8znNCxCxJbK+3AF/EOI
ka6/VYQAAoyGh6LFUofBqiya+foSoYZKm27ZgGjisMSyxX8zAllcVm+oU9HZa2ul
DLMADUh0b6KYkFVHsvtKGM9hYWv9jiWytEymyMaYhm3ZwmKnsVUN55MiFV/BFg17
ia6ZAoGBANimQlFMv2Zem6ZYQwD2s5/cR7/pZHkoD0lcLQjA1oF6WgMcKK797qTl
pZEO37zFhq1tdZCPH5YG6I0X6UlWzDnyLSH+HjQqDEvU9S7MdWR7myPMvr21zqOe
2rrwTnkNdrGTM6zLi1D89WvmBYwpo8Wsb9pKLnnGeWCyfJCZapP5
-----END RSA PRIVATE KEY-----

Hi @cqcsdzmt
Please do not share private keys in the public.
You should revoke this key and certificate

In addition,connecting to this server doesn’t require your certificate, as it doesn’t request a certificate.

I have tried connecting to the server, and I got a successfule TLS connection, with the chosen ciphersuite TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384
The issue is probably in your configuration. Do you have this ciphersuite and its components enabled in your configuration?

Regards