TLS Handshake Failure MQTT to AWS

I am trying to do Fleet Provisioning on an ESP32 to connect to AWS over MQTT.
After running Fleet Provisioning (which automatically created the thing name on AWS), my device started connecting to AWS over MQTT and then got the error shown in this log:

I (6253) AWS_SERVICE: CONN: Preparing to connect with device certificate
I (6263) AWS_SERVICE: CONN: Device cert length: 1220 bytes
I (6263) AWS_SERVICE: CONN: Device key length: 1679 bytes
I (6273) AWS_SERVICE: CONN: Thing name: LED_Panel_Matrix_004
I (6283) AWS_SERVICE: CONN: ROOT_CA length: 1189 bytes
I (6283) AWS_SERVICE: CONN: Broker URI: mqtts://a1ki7pyts60saz7-ats.iot.ap-southeast-1.amazonaws.com:8883
I (6293) AWS_SERVICE: CONN: Certificate validation passed, initializing MQTT client…
I (6303) AWS_SERVICE: CONN: Initializing MQTT client with device certificate…
I (6303) AWS_SERVICE: CONN: Registering event handler…
I (6313) AWS_SERVICE: CONN: Starting MQTT client (waiting for TLS handshake)…
I (6323) AWS_SERVICE: CONN: AWS MQTT client started for Thing: LED_Panel_Matrix_004
E (14553) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x7280
I (14553) esp-tls-mbedtls: Certificate verified.
E (14553) esp-tls: Failed to open new connection
E (14563) transport_base: Failed to open a new connection
E (14573) mqtt_client: Error transport connect
E (14573) AWS_SERVICE: MQTT_EVENT_ERROR
W (14573) AWS_SERVICE: MQTT_EVENT_DISCONNECTED

Device boots OK, WiFi connected successfully ✅
NVS device_certs initially empty → Fleet Provisioning is triggered ✅
Device generates CSR, receives new certificate (d5f213…) ✅
Certificate, key, and thing name are fully written to NVS ✅
MQTT client initialized with device cert ✅
Certificate verified ✅
TLS handshake failed with mbedtls_ssl_handshake returned -0x7280
-0x7280 = MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY → peer (AWS) closes connection after TLS handshake

Hope you guys can help me solve this problem! Thanks.
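
To triage a log like the one in this post, the following added example (not part of the original post and not ESP-IDF code) parses the ESP-IDF log lines, pulls out the mbedtls return code, and reports its macro name, how long after client start it occurred, and whether the "Certificate verified." line was logged. The function names and the `NAMES` subset are choices made for this example; the macro values are those defined in `mbedtls/ssl.h` and `mbedtls/x509.h`.

```python
import re

# Lines copied from the log in the post (ESP-IDF format: LEVEL (ms) TAG: message).
LOG = """\
I (6313) AWS_SERVICE: CONN: Starting MQTT client (waiting for TLS handshake)…
I (6323) AWS_SERVICE: CONN: AWS MQTT client started for Thing: LED_Panel_Matrix_004
E (14553) esp-tls-mbedtls: mbedtls_ssl_handshake returned -0x7280
I (14553) esp-tls-mbedtls: Certificate verified.
E (14553) esp-tls: Failed to open new connection
E (14563) transport_base: Failed to open a new connection
"""

LINE = re.compile(r"^([EWIDV]) \((\d+)\) ([^:]+): (.*)$")
RET = re.compile(r"(mbedtls_\w+) returned -0x([0-9A-Fa-f]+)")

# Subset of the error macros in mbedtls/ssl.h and mbedtls/x509.h (extend as needed).
NAMES = {
    0x7280: "MBEDTLS_ERR_SSL_CONN_EOF",
    0x7780: "MBEDTLS_ERR_SSL_FATAL_ALERT_MESSAGE",
    0x7880: "MBEDTLS_ERR_SSL_PEER_CLOSE_NOTIFY",
    0x2700: "MBEDTLS_ERR_X509_CERT_VERIFY_FAILED",
}

def parse(log):
    """Return (level, ms, tag, message) for every well-formed ESP-IDF log line."""
    hits = (LINE.match(line.strip()) for line in log.splitlines())
    return [(m[1], int(m[2]), m[3], m[4]) for m in hits if m]

def triage(log):
    """Summarise the first mbedtls failure in the log, or return None."""
    events = parse(log)
    start = next((ms for _, ms, _, msg in events if "Starting MQTT client" in msg), None)
    for level, ms, _, msg in events:
        m = RET.search(msg)
        if level == "E" and m:
            code = int(m[2], 16)
            return {
                "call": m[1],
                "code": -code,
                "name": NAMES.get(code, "unknown"),
                # mbedtls packs a module-level code (bits 7-14) and a low-level code (bits 0-6)
                "high_level": code & 0xFF80,
                "low_level": code & 0x007F,
                "ms_since_start": None if start is None else ms - start,
                "cert_verified_logged": any("Certificate verified" in x for *_, x in events),
            }
    return None

if __name__ == "__main__":
    print(triage(LOG))
```

For the log above this reports `MBEDTLS_ERR_SSL_CONN_EOF`, 8240 ms after the client was started, with the "Certificate verified." line present.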