search

aws / aws-iot-device-sdk-embedded-C

SDK for connecting to AWS IoT from a device using embedded C.
MIT License
976 stars 629 forks source link

It seems that you are getting "Connection reset by peer" error and the server is rejecting the connection. It is a bit confusing as you mention that you are able to run the exact same code on a different machine. Would you please get the logs from that working machine too? Please make sure to copy the exact same code and creds. #1513

Closed shrinivasragolu closed 3 years ago

shrinivasragolu commented 3 years ago

It seems that you are getting "Connection reset by peer" error and the server is rejecting the connection. It is a bit confusing as you mention that you are able to run the exact same code on a different machine. Would you please get the logs from that working machine too? Please make sure to copy the exact same code and creds.

Also, would you please try increasing IOT_SSL_READ_TIMEOUT here (I am not much hopeful about this as the error is ECONNRESET but just to try): https://github.com/aws/aws-iot-device-sdk-embedded-C/blob/master/platform/linux/mbedtls/network_mbedtls_wrapper.c#L32

Thanks.

Originally posted by @aggarg in https://github.com/aws/aws-iot-device-sdk-embedded-C/issues/976#issuecomment-647576234

shrinivasragolu commented 3 years ago

Hi All,

I have ported AWS IoT Device SDK 3.0.1 along with MbedTLS 2.16.6 on custom MCU with tiny linux and facing below issue when I run the subscribe-publish-sample application. I have used AWS downloaded rootCA, device certificate and device private key, as it is.

Please help me in resolving the issue

=================================================================================

AWS IoT SDK Version 3.0.1- 
AWS IoT SDK Version 3.0.1-
DEBUG:   main L#159 rootCA /usr/bin/../../certs/AmazonRootCA1.pem

DEBUG:   main L#160 clientCRT /usr/bin/../../certs/891f9d37df-certificate.pem.crt

DEBUG:   main L#161 clientKey /usr/bin/../../certs/891f9d37df-private.pem.key

Connecting...

DEBUG:   iot_tls_connect L#151

. Seeding the random number generator...

DEBUG:   iot_tls_connect L#159   . Loading the CA root certificate ...

DEBUG:   iot_tls_connect L#165  ok (0 skipped)

DEBUG:   iot_tls_connect L#167   . Loading the client cert. and key...

DEBUG:   iot_tls_connect L#180  ok

DEBUG:   iot_tls_connect L#182   . Connecting to a2g7twmqo7hg82-ats.iot.ap-south-1.amazonaws.com/443...

DEBUG:   iot_tls_connect L#201  ok

DEBUG:   iot_tls_connect L#203   . Setting up the SSL/TLS structure...

DEBUG:   iot_tls_connect L#244

SSL state connect : 0

DEBUG:   iot_tls_connect L#247  ok

DEBUG:   iot_tls_connect L#249

SSL state connect : 0

DEBUG:   iot_tls_connect L#250   . Performing the SSL/TLS handshake...

ssl_tls.c:8098: |2| => handshake

ssl_cli.c:3522: |2| client state: 0

ssl_tls.c:2753: |2| => flush output

ssl_tls.c:2765: |2| <= flush output

ssl_cli.c:3522: |2| client state: 1

ssl_tls.c:2753: |2| => flush output

ssl_tls.c:2765: |2| <= flush output

ssl_cli.c:0774: |2| => write client hello

ssl_cli.c:0811: |3| client hello, max version: [3:3]

ssl_cli.c:0703: |3| client hello, current time: 62926

ssl_cli.c:0821: |3| dumping 'client hello, random bytes' (32 bytes)

ssl_cli.c:0821: |3| 0000:  00 00 f5 ce fb a4 7b e9 4e 1d 0c 77 9d ee 7c a3  ......{.N..w..|.

ssl_cli.c:0821: |3| 0010:  b7 20 bf 25 a5 5f 6f 2d 5d 50 46 58 db 52 67 d8  . .%.o-]PFX.Rg.

ssl_cli.c:0874: |3| client hello, session id len.: 0

ssl_cli.c:0875: |3| dumping 'client hello, session id' (0 bytes)

ssl_cli.c:0921: |3| client hello, add ciphersuite: cca8

ssl_cli.c:0921: |3| client hello, add ciphersuite: cca9

ssl_cli.c:0921: |3| client hello, add ciphersuite: ccaa

ssl_cli.c:0921: |3| client hello, add ciphersuite: c02c

ssl_cli.c:0921: |3| client hello, add ciphersuite: c030

ssl_cli.c:0921: |3| client hello, add ciphersuite: 009f

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0ad

ssl_cli.c:0921: |3| client hello, add ciphersuite: c09f

ssl_cli.c:0921: |3| client hello, add ciphersuite: c024

ssl_cli.c:0921: |3| client hello, add ciphersuite: c028

ssl_cli.c:0921: |3| client hello, add ciphersuite: 006b

ssl_cli.c:0921: |3| client hello, add ciphersuite: c00a

ssl_cli.c:0921: |3| client hello, add ciphersuite: c014

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0039

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0af

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a3

ssl_cli.c:0921: |3| client hello, add ciphersuite: c087

ssl_cli.c:0921: |3| client hello, add ciphersuite: c08b

ssl_cli.c:0921: |3| client hello, add ciphersuite: c07d

ssl_cli.c:0921: |3| client hello, add ciphersuite: c073

ssl_cli.c:0921: |3| client hello, add ciphersuite: c077

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00c4

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0088

ssl_cli.c:0921: |3| client hello, add ciphersuite: c02b

ssl_cli.c:0921: |3| client hello, add ciphersuite: c02f

ssl_cli.c:0921: |3| client hello, add ciphersuite: 009e

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0ac

ssl_cli.c:0921: |3| client hello, add ciphersuite: c09e

ssl_cli.c:0921: |3| client hello, add ciphersuite: c023

ssl_cli.c:0921: |3| client hello, add ciphersuite: c027

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0067

ssl_cli.c:0921: |3| client hello, add ciphersuite: c009

ssl_cli.c:0921: |3| client hello, add ciphersuite: c013

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0033

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0ae

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a2

ssl_cli.c:0921: |3| client hello, add ciphersuite: c086

ssl_cli.c:0921: |3| client hello, add ciphersuite: c08a

ssl_cli.c:0921: |3| client hello, add ciphersuite: c07c

ssl_cli.c:0921: |3| client hello, add ciphersuite: c072

ssl_cli.c:0921: |3| client hello, add ciphersuite: c076

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00be

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0045

ssl_cli.c:0921: |3| client hello, add ciphersuite: ccac

ssl_cli.c:0921: |3| client hello, add ciphersuite: ccad

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00ab

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a7

ssl_cli.c:0921: |3| client hello, add ciphersuite: c038

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00b3

ssl_cli.c:0921: |3| client hello, add ciphersuite: c036

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0091

ssl_cli.c:0921: |3| client hello, add ciphersuite: c091

ssl_cli.c:0921: |3| client hello, add ciphersuite: c09b

ssl_cli.c:0921: |3| client hello, add ciphersuite: c097

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0ab

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00aa

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a6

ssl_cli.c:0921: |3| client hello, add ciphersuite: c037

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00b2

ssl_cli.c:0921: |3| client hello, add ciphersuite: c035

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0090

ssl_cli.c:0921: |3| client hello, add ciphersuite: c090

ssl_cli.c:0921: |3| client hello, add ciphersuite: c096

ssl_cli.c:0921: |3| client hello, add ciphersuite: c09a

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0aa

ssl_cli.c:0921: |3| client hello, add ciphersuite: 009d

ssl_cli.c:0921: |3| client hello, add ciphersuite: c09d

ssl_cli.c:0921: |3| client hello, add ciphersuite: 003d

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0035

ssl_cli.c:0921: |3| client hello, add ciphersuite: c032

ssl_cli.c:0921: |3| client hello, add ciphersuite: c02a

ssl_cli.c:0921: |3| client hello, add ciphersuite: c00f

ssl_cli.c:0921: |3| client hello, add ciphersuite: c02e

ssl_cli.c:0921: |3| client hello, add ciphersuite: c026

ssl_cli.c:0921: |3| client hello, add ciphersuite: c005

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a1

ssl_cli.c:0921: |3| client hello, add ciphersuite: c07b

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00c0

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0084

ssl_cli.c:0921: |3| client hello, add ciphersuite: c08d

ssl_cli.c:0921: |3| client hello, add ciphersuite: c079

ssl_cli.c:0921: |3| client hello, add ciphersuite: c089

ssl_cli.c:0921: |3| client hello, add ciphersuite: c075

ssl_cli.c:0921: |3| client hello, add ciphersuite: 009c

ssl_cli.c:0921: |3| client hello, add ciphersuite: c09c

ssl_cli.c:0921: |3| client hello, add ciphersuite: 003c

ssl_cli.c:0921: |3| client hello, add ciphersuite: 002f

ssl_cli.c:0921: |3| client hello, add ciphersuite: c031

ssl_cli.c:0921: |3| client hello, add ciphersuite: c029

ssl_cli.c:0921: |3| client hello, add ciphersuite: c00e

ssl_cli.c:0921: |3| client hello, add ciphersuite: c02d

ssl_cli.c:0921: |3| client hello, add ciphersuite: c025

ssl_cli.c:0921: |3| client hello, add ciphersuite: c004

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a0

ssl_cli.c:0921: |3| client hello, add ciphersuite: c07a

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00ba

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0041

ssl_cli.c:0921: |3| client hello, add ciphersuite: c08c

ssl_cli.c:0921: |3| client hello, add ciphersuite: c078

ssl_cli.c:0921: |3| client hello, add ciphersuite: c088

ssl_cli.c:0921: |3| client hello, add ciphersuite: c074

ssl_cli.c:0921: |3| client hello, add ciphersuite: ccae

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00ad

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00b7

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0095

ssl_cli.c:0921: |3| client hello, add ciphersuite: c093

ssl_cli.c:0921: |3| client hello, add ciphersuite: c099

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00ac

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00b6

ssl_cli.c:0921: |3| client hello, add ciphersuite: 0094

ssl_cli.c:0921: |3| client hello, add ciphersuite: c092

ssl_cli.c:0921: |3| client hello, add ciphersuite: c098

ssl_cli.c:0921: |3| client hello, add ciphersuite: ccab

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00a9

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a5

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00af

ssl_cli.c:0921: |3| client hello, add ciphersuite: 008d

ssl_cli.c:0921: |3| client hello, add ciphersuite: c08f

ssl_cli.c:0921: |3| client hello, add ciphersuite: c095

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a9

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00a8

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a4

ssl_cli.c:0921: |3| client hello, add ciphersuite: 00ae

ssl_cli.c:0921: |3| client hello, add ciphersuite: 008c

ssl_cli.c:0921: |3| client hello, add ciphersuite: c08e

ssl_cli.c:0921: |3| client hello, add ciphersuite: c094

ssl_cli.c:0921: |3| client hello, add ciphersuite: c0a8

ssl_cli.c:0934: |3| client hello, got 127 ciphersuites (excluding SCSVs)

ssl_cli.c:0943: |3| adding EMPTY_RENEGOTIATION_INFO_SCSV

ssl_cli.c:0992: |3| client hello, compress len.: 1

ssl_cli.c:0993: |3| client hello, compress alg.: 0

ssl_cli.c:0068: |3| client hello, adding server name extension: a2g7twmqo7hg82-ats.iot.ap-south-1.amazonaws.com

ssl_cli.c:0186: |3| client hello, adding signature_algorithms extension

ssl_cli.c:0271: |3| client hello, adding supported_elliptic_curves extension

ssl_cli.c:0336: |3| client hello, adding supported_point_formats extension

ssl_cli.c:0517: |3| client hello, adding encrypt_then_mac extension

ssl_cli.c:0551: |3| client hello, adding extended_master_secret extension

ssl_cli.c:0630: |3| client hello, adding alpn extension

ssl_cli.c:0585: |3| client hello, adding session ticket extension

ssl_cli.c:1070: |3| client hello, total extension length: 149

ssl_tls.c:3192: |2| => write handshake message

ssl_tls.c:3351: |2| => write record

ssl_tls.c:3428: |3| output record: msgtype = 22, version = [3:1], msglen = 450

ssl_tls.c:3433: |4| dumping 'output record sent to network' (455 bytes)

ssl_tls.c:3433: |4| 0000:  16 03 01 01 c2 01 00 01 be 03 03 00 00 f5 ce fb  ................

ssl_tls.c:3433: |4| 0010:  a4 7b e9 4e 1d 0c 77 9d ee 7c a3 b7 20 bf 25 a5  .{.N..w..|.. .%.

ssl_tls.c:3433: |4| 0020:  5f 6f 2d 5d 50 46 58 db 52 67 d8 00 01 00 cc a8  o-]PFX.Rg......

ssl_tls.c:3433: |4| 0030:  cc a9 cc aa c0 2c c0 30 00 9f c0 ad c0 9f c0 24  .....,.0.......$

ssl_tls.c:3433: |4| 0040:  c0 28 00 6b c0 0a c0 14 00 39 c0 af c0 a3 c0 87  .(.k.....9......

ssl_tls.c:3433: |4| 0050:  c0 8b c0 7d c0 73 c0 77 00 c4 00 88 c0 2b c0 2f  ...}.s.w.....+./

ssl_tls.c:3433: |4| 0060:  00 9e c0 ac c0 9e c0 23 c0 27 00 67 c0 09 c0 13  .......#.'.g....

ssl_tls.c:3433: |4| 0070:  00 33 c0 ae c0 a2 c0 86 c0 8a c0 7c c0 72 c0 76  .3.........|.r.v

ssl_tls.c:3433: |4| 0080:  00 be 00 45 cc ac cc ad 00 ab c0 a7 c0 38 00 b3  ...E.........8..

ssl_tls.c:3433: |4| 0090:  c0 36 00 91 c0 91 c0 9b c0 97 c0 ab 00 aa c0 a6  .6..............

ssl_tls.c:3433: |4| 00a0:  c0 37 00 b2 c0 35 00 90 c0 90 c0 96 c0 9a c0 aa  .7...5..........

ssl_tls.c:3433: |4| 00b0:  00 9d c0 9d 00 3d 00 35 c0 32 c0 2a c0 0f c0 2e  .....=.5.2.....

ssl_tls.c:3433: |4| 00c0:  c0 26 c0 05 c0 a1 c0 7b 00 c0 00 84 c0 8d c0 79  .&.....{.......y

ssl_tls.c:3433: |4| 00d0:  c0 89 c0 75 00 9c c0 9c 00 3c 00 2f c0 31 c0 29  ...u.....<./.1.)

ssl_tls.c:3433: |4| 00e0:  c0 0e c0 2d c0 25 c0 04 c0 a0 c0 7a 00 ba 00 41  ...-.%.....z...A

ssl_tls.c:3433: |4| 00f0:  c0 8c c0 78 c0 88 c0 74 cc ae 00 ad 00 b7 00 95  ...x...t........

ssl_tls.c:3433: |4| 0100:  c0 93 c0 99 00 ac 00 b6 00 94 c0 92 c0 98 cc ab  ................

ssl_tls.c:3433: |4| 0110:  00 a9 c0 a5 00 af 00 8d c0 8f c0 95 c0 a9 00 a8  ................

ssl_tls.c:3433: |4| 0120:  c0 a4 00 ae 00 8c c0 8e c0 94 c0 a8 00 ff 01 00  ................

ssl_tls.c:3433: |4| 0130:  00 95 00 00 00 34 00 32 00 00 2f 61 32 67 37 74  .....4.2../a2g7t

ssl_tls.c:3433: |4| 0140:  77 6d 71 6f 37 68 67 38 32 2d 61 74 73 2e 69 6f  wmqo7hg82-ats.io

ssl_tls.c:3433: |4| 0150:  74 2e 61 70 2d 73 6f 75 74 68 2d 31 2e 61 6d 61  t.ap-south-1.ama

ssl_tls.c:3433: |4| 0160:  7a 6f 6e 61 77 73 2e 63 6f 6d 00 0d 00 16 00 14  zonaws.com......

ssl_tls.c:3433: |4| 0170:  06 03 06 01 05 03 05 01 04 03 04 01 03 03 03 01  ................

ssl_tls.c:3433: |4| 0180:  02 03 02 01 00 0a 00 18 00 16 00 19 00 1c 00 18  ................

ssl_tls.c:3433: |4| 0190:  00 1b 00 17 00 16 00 1a 00 15 00 14 00 13 00 12  ................

ssl_tls.c:3433: |4| 01a0:  00 0b 00 02 01 00 00 16 00 00 00 17 00 00 00 10  ................

ssl_tls.c:3433: |4| 01b0:  00 11 00 0f 0e 78 2d 61 6d 7a 6e 2d 6d 71 74 74  .....x-amzn-mqtt

ssl_tls.c:3433: |4| 01c0:  2d 63 61 00 23 00 00                             -ca.#..

ssl_tls.c:2753: |2| => flush output

ssl_tls.c:2771: |2| message length: 455, out_left: 455

ssl_tls.c:2777: |2| ssl->f_send() returned 455 (-0xfffffe39)

ssl_tls.c:2805: |2| <= flush output

ssl_tls.c:3484: |2| <= write record

ssl_tls.c:3328: |2| <= write handshake message

ssl_cli.c:1106: |2| <= write client hello

ssl_cli.c:3522: |2| client state: 2

ssl_tls.c:2753: |2| => flush output

ssl_tls.c:2765: |2| <= flush output

ssl_cli.c:1511: |2| => parse server hello

ssl_tls.c:4325: |2| => read record

ssl_tls.c:2534: |2| => fetch input

ssl_tls.c:2694: |2| in_left: 0, nb_want: 5

ssl_tls.c:2718: |2| in_left: 0, nb_want: 5

ssl_tls.c:2720: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)

ssl_tls.c:2740: |2| <= fetch input

ssl_tls.c:4061: |4| dumping 'input record header' (5 bytes)

ssl_tls.c:4061: |4| 0000:  16 03 03 00 70                                   ....p

ssl_tls.c:4067: |3| input record: msgtype = 22, version = [3:3], msglen = 112

ssl_tls.c:2534: |2| => fetch input

ssl_tls.c:2694: |2| in_left: 5, nb_want: 117

ssl_tls.c:2718: |2| in_left: 5, nb_want: 117

ssl_tls.c:2720: |2| ssl->f_recv(_timeout)() returned 112 (-0xffffff90)

ssl_tls.c:2740: |2| <= fetch input

ssl_tls.c:4246: |4| dumping 'input record from network' (117 bytes)

ssl_tls.c:4246: |4| 0000:  16 03 03 00 70 02 00 00 6c 03 03 b7 5b 52 4b 03  ....p...l...[RK.

ssl_tls.c:4246: |4| 0010:  cf 87 ba 05 a6 ae 4b c5 95 bf 21 5c b1 e4 2f d6  ......K...!../.

ssl_tls.c:4246: |4| 0020:  f7 81 89 a0 8b da 2d 24 eb dd 44 20 d8 14 6a 7c  ......-$..D ..j|

ssl_tls.c:4246: |4| 0030:  0b 16 e0 88 8c cb fc e4 ca 6d 82 33 5a 55 75 8e  .........m.3ZUu.

ssl_tls.c:4246: |4| 0040:  a2 e0 44 b2 6d 4e c1 c8 f0 b9 4a e4 c0 2f 00 00  ..D.mN....J../..

ssl_tls.c:4246: |4| 0050:  24 00 00 00 00 00 0b 00 02 01 00 ff 01 00 01 00  $...............

ssl_tls.c:4246: |4| 0060:  00 10 00 11 00 0f 0e 78 2d 61 6d 7a 6e 2d 6d 71  .......x-amzn-mq

ssl_tls.c:4246: |4| 0070:  74 74 2d 63 61                                   tt-ca

ssl_tls.c:3632: |3| handshake message: msglen = 112, type = 2, hslen = 112

ssl_tls.c:4399: |2| <= read record

ssl_cli.c:1591: |3| dumping 'server hello, version' (2 bytes)

ssl_cli.c:1591: |3| 0000:  03 03                                            ..

ssl_cli.c:1612: |3| server hello, current time: 3076215371

ssl_cli.c:1622: |3| dumping 'server hello, random bytes' (32 bytes)

ssl_cli.c:1622: |3| 0000:  b7 5b 52 4b 03 cf 87 ba 05 a6 ae 4b c5 95 bf 21  .[RK.......K...!

ssl_cli.c:1622: |3| 0010:  5c b1 e4 2f d6 f7 81 89 a0 8b da 2d 24 eb dd 44  ../.......-$..D

ssl_cli.c:1702: |3| server hello, session id len.: 32

ssl_cli.c:1703: |3| dumping 'server hello, session id' (32 bytes)

ssl_cli.c:1703: |3| 0000:  d8 14 6a 7c 0b 16 e0 88 8c cb fc e4 ca 6d 82 33  ..j|.........m.3

ssl_cli.c:1703: |3| 0010:  5a 55 75 8e a2 e0 44 b2 6d 4e c1 c8 f0 b9 4a e4  ZUu...D.mN....J.

ssl_cli.c:1740: |3| no session has been resumed

ssl_cli.c:1743: |3| server hello, chosen ciphersuite: c02f

ssl_cli.c:1744: |3| server hello, compress alg.: 0

ssl_cli.c:1776: |3| server hello, chosen ciphersuite: TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256

ssl_cli.c:1801: |2| server hello, total extension length: 36

ssl_cli.c:1936: |3| unknown extension found: 0 (ignoring)

ssl_cli.c:1900: |3| found supported_point_formats extension

ssl_cli.c:1292: |4| point format selected: 0

ssl_cli.c:1821: |3| found renegotiation extension

ssl_cli.c:1927: |3| found alpn extension

ssl_cli.c:1990: |2| <= parse server hello

ssl_cli.c:3522: |2| client state: 3

ssl_tls.c:2753: |2| => flush output

ssl_tls.c:2765: |2| <= flush output

ssl_tls.c:5669: |2| => parse certificate

ssl_tls.c:4325: |2| => read record

ssl_tls.c:2534: |2| => fetch input

ssl_tls.c:2694: |2| in_left: 0, nb_want: 5

ssl_tls.c:2718: |2| in_left: 0, nb_want: 5

ssl_tls.c:2720: |2| ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)

ssl_tls.c:2740: |2| <= fetch input

ssl_tls.c:4061: |4| dumping 'input record header' (5 bytes)

ssl_tls.c:4061: |4| 0000:  16 03 03 13 17                                   .....

ssl_tls.c:4067: |3| input record: msgtype = 22, version = [3:3], msglen = 4887

ssl_tls.c:2534: |2| => fetch input

ssl_tls.c:2694: |2| in_left: 5, nb_want: 4892

ssl_tls.c:2718: |2| in_left: 5, nb_want: 4892

ssl_tls.c:2720: |2| ssl->f_recv(_timeout)() returned 1443 (-0xfffffa5d)

ssl_tls.c:2718: |2| in_left: 1448, nb_want: 4892

ssl_tls.c:2720: |2| ssl->f_recv(_timeout)() returned 3444 (-0xfffff28c)

ssl_tls.c:2740: |2| <= fetch input

ssl_tls.c:4246: |4| dumping 'input record from network' (4892 bytes)

ssl_tls.c:4246: |4| 0000:  16 03 03 13 17 0b 00 13 13 00 13 10 00 05 a8 30  ...............0

ssl_tls.c:4246: |4| 0010:  82 05 a4 30 82 04 8c a0 03 02 01 02 02 10 0b a7  ...0............

ssl_tls.c:4246: |4| 0020:  6b ff e6 49 97 b3 ed 47 6a 71 6c 0c c7 07 30 0d  k..I...Gjql...0.

ssl_tls.c:4246: |4| 0030:  06 09 2a 86 48 86 f7 0d 01 01 0b 05 00 30 46 31  ...H........0F1

ssl_tls.c:4246: |4| 0040:  0b 30 09 06 03 55 04 06 13 02 55 53 31 0f 30 0d  .0...U....US1.0.

ssl_tls.c:4246: |4| 0050:  06 03 55 04 0a 13 06 41 6d 61 7a 6f 6e 31 15 30  ..U....Amazon1.0

ssl_tls.c:4246: |4| 0060:  13 06 03 55 04 0b 13 0c 53 65 72 76 65 72 20 43  ...U....Server C

ssl_tls.c:4246: |4| 0070:  41 20 31 42 31 0f 30 0d 06 03 55 04 03 13 06 41  A 1B1.0...U....A

ssl_tls.c:4246: |4| 0080:  6d 61 7a 6f 6e 30 1e 17 0d 32 30 30 38 32 30 30  mazon0...2008200

ssl_tls.c:4246: |4| 0090:  30 30 30 30 30 5a 17 0d 32 31 30 38 31 39 31 32  00000Z..21081912

ssl_tls.c:4246: |4| 00a0:  30 30 30 30 5a 30 29 31 27 30 25 06 03 55 04 03  0000Z0)1'0%..U..

ssl_tls.c:4246: |4| 00b0:  0c 1e 2a 2e 69 6f 74 2e 61 70 2d 73 6f 75 74 68  ...iot.ap-south

ssl_tls.c:4246: |4| 00c0:  2d 31 2e 61 6d 61 7a 6f 6e 61 77 73 2e 63 6f 6d  -1.amazonaws.com

ssl_tls.c:4246: |4| 00d0:  30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01  0.."0....H.....

ssl_tls.c:4246: |4| 00e0:  01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01  ........0.......

ssl_tls.c:4246: |4| 00f0:  00 d1 18 46 dd 2f 4b 6d ec c8 16 fd c9 91 48 e9  ...F./Km......H.

ssl_tls.c:4246: |4| 0100:  be b7 0a b1 6f c0 d4 42 7f f6 be 2d 3c ee 4e 30  ....o..B...-<.N0

ssl_tls.c:4246: |4| 0110:  e0 58 92 cd 3a 10 4c 85 4c 6a 5b db 97 4f 90 8d  .X..:.L.Lj[..O..

ssl_tls.c:4246: |4| 0120:  d8 b2 70 86 f2 93 2f 05 8b f7 6d 3e 4f f6 f6 fd  ..p.../...m>O...

ssl_tls.c:4246: |4| 0130:  38 ae c5 b8 83 b2 d9 db 3a 75 88 88 85 15 b0 78  8.......:u.....x

ssl_tls.c:4246: |4| 0140:  a2 fd 51 85 b2 35 6e 99 48 8a bd b9 6f 7c d4 c0  ..Q..5n.H...o|..

ssl_tls.c:4246: |4| 0150:  ce 8b ee 57 1f 1e f8 53 46 50 ad 60 d0 6a 4e 59  ...W...SFP..jNY ssl_tls.c:4246: |4| 0160:  da 93 73 b6 13 92 76 15 a1 44 b7 78 2c 91 70 27  ..s...v..D.x,.p' ssl_tls.c:4246: |4| 0170:  21 c4 54 fe 51 20 e7 4a e1 26 13 18 3d 1f 54 4c  !.T.Q .J.&..=.TL ssl_tls.c:4246: |4| 0180:  c0 bc 56 2d 5f d0 20 c6 5c 20 26 7c 8f fd 98 2f  ..V-_. .\ &|.../ ssl_tls.c:4246: |4| 0190:  8c 84 09 50 d4 86 3c a8 ff 46 b9 63 2e b1 0d a8  ...P..<..F.c.... ssl_tls.c:4246: |4| 01a0:  a6 2e f4 58 ec ee f3 49 a5 51 5e 92 16 10 7c ee  ...X...I.Q^...|. ssl_tls.c:4246: |4| 01b0:  91 06 ad 9d be a6 76 0a 0e b8 48 f8 82 c5 8e 37  ......v...H....7 ssl_tls.c:4246: |4| 01c0:  bc ec 19 60 10 d5 e6 13 b2 4c 7d 48 d2 cd 6f 77  ........L}H..ow

ssl_tls.c:4246: |4| 01d0:  f2 8a 35 54 e0 b3 bb 64 cf 00 3f 3a b0 4b 24 db  ..5T...d..?:.K$.

ssl_tls.c:4246: |4| 01e0:  89 70 31 5c 65 9a 8d 21 cf 36 1a f9 95 27 82 95  .p1\e..!.6...'..

ssl_tls.c:4246: |4| 01f0:  81 02 03 01 00 01 a3 82 02 a9 30 82 02 a5 30 1f  ..........0...0.

ssl_tls.c:4246: |4| 0200:  06 03 55 1d 23 04 18 30 16 80 14 59 a4 66 06 52  ..U.#..0...Y.f.R

ssl_tls.c:4246: |4| 0210:  a0 7b 95 92 3c a3 94 07 27 96 74 5b f9 3d d0 30  .{..<...'.t[.=.0

ssl_tls.c:4246: |4| 0220:  1d 06 03 55 1d 0e 04 16 04 14 db 4b 99 17 63 c6  ...U.......K..c.

ssl_tls.c:4246: |4| 0230:  01 d1 7d 04 20 ea 04 78 8d c6 9a ce cf 81 30 47  ..}. ..x......0G

ssl_tls.c:4246: |4| 0240:  06 03 55 1d 11 04 40 30 3e 82 1c 69 6f 74 2e 61  ..U...@0>..iot.a

ssl_tls.c:4246: |4| 0250:  70 2d 73 6f 75 74 68 2d 31 2e 61 6d 61 7a 6f 6e  p-south-1.amazon

ssl_tls.c:4246: |4| 0260:  61 77 73 2e 63 6f 6d 82 1e 2a 2e 69 6f 74 2e 61  aws.com..*.iot.a

ssl_tls.c:4246: |4| 0270:  70 2d 73 6f 75 74 68 2d 31 2e 61 6d 61 7a 6f 6e  p-south-1.amazon

ssl_tls.c:4246: |4| 0280:  61 77 73 2e 63 6f 6d 30 0e 06 03 55 1d 0f 01 01  aws.com0...U....

ssl_tls.c:4246: |4| 0290:  ff 04 04 03 02 05 a0 30 1d 06 03 55 1d 25 04 16  .......0...U.%..

ssl_tls.c:4246: |4| 02a0:  30 14 06 08 2b 06 01 05 05 07 03 01 06 08 2b 06  0...+.........+.

ssl_tls.c:4246: |4| 02b0:  01 05 05 07 03 02 30 3b 06 03 55 1d 1f 04 34 30  ......0;..U...40

ssl_tls.c:4246: |4| 02c0:  32 30 30 a0 2e a0 2c 86 2a 68 74 74 70 3a 2f 2f  200...,.http://

ssl_tls.c:4246: |4| 02d0:  63 72 6c 2e 73 63 61 31 62 2e 61 6d 61 7a 6f 6e  crl.sca1b.amazon

ssl_tls.c:4246: |4| 02e0:  74 72 75 73 74 2e 63 6f 6d 2f 73 63 61 31 62 2e  trust.com/sca1b.

ssl_tls.c:4246: |4| 02f0:  63 72 6c 30 20 06 03 55 1d 20 04 19 30 17 30 0b  crl0 ..U. ..0.0.

ssl_tls.c:4246: |4| 0300:  06 09 60 86 48 01 86 fd 6c 01 02 30 08 06 06 67  ...H...l..0...g ssl_tls.c:4246: |4| 0310:  81 0c 01 02 01 30 75 06 08 2b 06 01 05 05 07 01  .....0u..+...... ssl_tls.c:4246: |4| 0320:  01 04 69 30 67 30 2d 06 08 2b 06 01 05 05 07 30  ..i0g0-..+.....0 ssl_tls.c:4246: |4| 0330:  01 86 21 68 74 74 70 3a 2f 2f 6f 63 73 70 2e 73  ..!http://ocsp.s ssl_tls.c:4246: |4| 0340:  63 61 31 62 2e 61 6d 61 7a 6f 6e 74 72 75 73 74  ca1b.amazontrust ssl_tls.c:4246: |4| 0350:  2e 63 6f 6d 30 36 06 08 2b 06 01 05 05 07 30 02  .com06..+.....0. ssl_tls.c:4246: |4| 0360:  86 2a 68 74 74 70 3a 2f 2f 63 72 74 2e 73 63 61  .*http://crt.sca ssl_tls.c:4246: |4| 0370:  31 62 2e 61 6d 61 7a 6f 6e 74 72 75 73 74 2e 63  1b.amazontrust.c ssl_tls.c:4246: |4| 0380:  6f 6d 2f 73 63 61 31 62 2e 63 72 74 30 0c 06 03  om/sca1b.crt0... ssl_tls.c:4246: |4| 0390:  55 1d 13 01 01 ff 04 02 30 00 30 82 01 05 06 0a  U.......0.0..... ssl_tls.c:4246: |4| 03a0:  2b 06 01 04 01 d6 79 02 04 02 04 81 f6 04 81 f3  +.....y......... ssl_tls.c:4246: |4| 03b0:  00 f1 00 77 00 f6 5c 94 2f d1 77 30 22 14 54 18  ...w..\./.w0".T. ssl_tls.c:4246: |4| 03c0:  08 30 94 56 8e e3 4d 13 19 33 bf df 0c 2f 20 0b  .0.V..M..3.../ . ssl_tls.c:4246: |4| 03d0:  cc 4e f1 64 e3 00 00 01 74 09 75 41 7e 00 00 04  .N.d....t.uA~... ssl_tls.c:4246: |4| 03e0:  03 00 48 30 46 02 21 00 cb e7 78 f3 f0 3c c2 5a  ..H0F.!...x..<.Z ssl_tls.c:4246: |4| 03f0:  9e e8 8e cd 9c a7 59 19 f9 78 26 ff 9a 27 a7 96  ......Y..x&..'.. ssl_tls.c:4246: |4| 0400:  56 4b c8 12 cb e6 cd 8b 02 21 00 85 8e 03 94 2f  VK.......!...../ ssl_tls.c:4246: |4| 0410:  10 e4 aa f3 09 64 07 2d eb c2 97 ea 58 60 1b 89  .....d.-....X..

ssl_tls.c:4246: |4| 0420:  42 57 7e 58 4f 71 55 67 80 36 ff 00 76 00 5c dc  BWXOqUg.6..v..

ssl_tls.c:4246: |4| 0430:  43 92 fe e6 ab 45 44 b1 5e 9a d4 56 e6 10 37 fb  C....ED.^..V..7.

ssl_tls.c:4246: |4| 0440:  d5 fa 47 dc a1 73 94 b2 5e e6 f6 c7 0e ca 00 00  ..G..s..^.......

ssl_tls.c:4246: |4| 0450:  01 74 09 75 41 7f 00 00 04 03 00 47 30 45 02 20  .t.uA......G0E.

ssl_tls.c:4246: |4| 0460:  78 be 79 3c 7a b6 fb 74 46 0a 7f 8e a3 da 49 1d  x.yY.~5P6..].3.

ssl_tls.c:4246: |4| 0570:  57 93 de a7 fe 7a 5c ce aa 80 21 5c 73 dd aa bd  W....z...!\s...

ssl_tls.c:4246: |4| 0580:  9f cf 3c 25 bb 6c e7 f3 f1 11 9d ce d0 d9 86 e4  ..<%.l..........

ssl_tls.c:4246: |4| 0590:  a7 98 58 a3 71 4a d4 5f 27 07 5f ae de fb 54 f0  ..X.qJ.'....T.

ssl_tls.c:4246: |4| 05a0:  61 1c b7 6f 85 2c a3 c6 28 4c 71 46 6a 9c 92 a4  a..o.,..(LqFj...

ssl_tls.c:4246: |4| 05b0:  d2 ab f0 4c 47 0a d4 00 04 4d 30 82 04 49 30 82  ...LG....M0..I0.

ssl_tls.c:4246: |4| 05c0:  03 31 a0 03 02 01 02 02 13 06 7f 94 57 85 87 e8  .1..........W...

ssl_tls.c:4246: |4| 05d0:  ac 77 de b2 53 32 5b bc 99 8b 56 0d 30 0d 06 09  .w..S2[...V.0...

ssl_tls.c:4246: |4| 05e0:  2a 86 48 86 f7 0d 01 01 0b 05 00 30 39 31 0b 30  .H........091.0

ssl_tls.c:4246: |4| 05f0:  09 06 03 55 04 06 13 02 55 53 31 0f 30 0d 06 03  ...U....US1.0...

ssl_tls.c:4246: |4| 0600:  55 04 0a 13 06 41 6d 61 7a 6f 6e 31 19 30 17 06  U....Amazon1.0..

ssl_tls.c:4246: |4| 0610:  03 55 04 03 13 10 41 6d 61 7a 6f 6e 20 52 6f 6f  .U....Amazon Roo

ssl_tls.c:4246: |4| 0620:  74 20 43 41 20 31 30 1e 17 0d 31 35 31 30 32 32  t CA 10...151022

ssl_tls.c:4246: |4| 0630:  30 30 30 30 30 30 5a 17 0d 32 35 31 30 31 39 30  000000Z..2510190

ssl_tls.c:4246: |4| 0640:  30 30 30 30 30 5a 30 46 31 0b 30 09 06 03 55 04  00000Z0F1.0...U.

ssl_tls.c:4246: |4| 0650:  06 13 02 55 53 31 0f 30 0d 06 03 55 04 0a 13 06  ...US1.0...U....

ssl_tls.c:4246: |4| 0660:  41 6d 61 7a 6f 6e 31 15 30 13 06 03 55 04 0b 13  Amazon1.0...U...

ssl_tls.c:4246: |4| 0670:  0c 53 65 72 76 65 72 20 43 41 20 31 42 31 0f 30  .Server CA 1B1.0

ssl_tls.c:4246: |4| 0680:  0d 06 03 55 04 03 13 06 41 6d 61 7a 6f 6e 30 82  ...U....Amazon0.

ssl_tls.c:4246: |4| 0690:  01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05  ."0....H.......

ssl_tls.c:4246: |4| 06a0:  00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 c2  ......0.........

ssl_tls.c:4246: |4| 06b0:  4e 16 67 dd ce bc 6a c8 37 5a ec 3a 30 b0 1d e6  N.g...j.7Z.:0...

ssl_tls.c:4246: |4| 06c0:  d1 12 e8 12 28 48 cc e8 29 c1 b9 6e 53 d5 a3 eb  ....(H..)..nS...

ssl_tls.c:4246: |4| 06d0:  03 39 1a cc 77 87 f6 01 b9 d9 70 cc cf 6b 8d e3  .9..w.....p..k..

ssl_tls.c:4246: |4| 06e0:  e3 03 71 86 99 6d cb a6 94 2a 4e 13 d6 a7 bd 04  ..q..m...N.....

ssl_tls.c:4246: |4| 06f0:  ec 0a 16 3c 0a eb 39 b1 c4 b5 58 a3 b6 c7 56 25  ...<..9...X...V%

ssl_tls.c:4246: |4| 0700:  ec 3e 52 7a a8 e3 29 16 07 b9 6e 50 cf fb 5f 31  .>Rz..)...nP..1

ssl_tls.c:4246: |4| 0710:  f8 1d ba 03 4a 62 89 03 ae 3e 47 f2 0f 27 91 e3  ....Jb...>G..'..

ssl_tls.c:4246: |4| 0720:  14 20 85 f8 fa e9 8a 35 f5 5f 9e 99 4d e7 6b 37  . .....5...M.k7

ssl_tls.c:4246: |4| 0730:  ef a4 50 3e 44 ec fa 5a 85 66 07 9c 7e 17 6a 55  ..P>D..Z.f...jU

ssl_tls.c:4246: |4| 0740:  f3 17 8a 35 1e ee e9 ac c3 75 4e 58 55 7d 53 6b  ...5.....uNXU}Sk

ssl_tls.c:4246: |4| 0750:  0a 6b 9b 14 42 d7 e5 ac 01 89 b3 ea a3 fe cf c0  .k..B...........

ssl_tls.c:4246: |4| 0760:  2b 0c 84 c2 d8 53 15 cb 67 f0 d0 88 ca 3a d1 17  +....S..g....:..

ssl_tls.c:4246: |4| 0770:  73 f5 5f 9a d4 c5 72 1e 7e 01 f1 98 30 63 2a aa  s._...r....0c.

ssl_tls.c:4246: |4| 0780:  f2 7a 2d c5 e2 02 1a 86 e5 32 3e 0e bd 11 b4 cf  .z-......2>.....

ssl_tls.c:4246: |4| 0790:  3c 93 ef 17 50 10 9e 43 c2 06 2a e0 0d 68 be d3  <...P..C....h..

ssl_tls.c:4246: |4| 07a0:  88 8b 4a 65 8c 4a d4 c3 2e 4c 9b 55 f4 86 e5 02  ..Je.J...L.U....

ssl_tls.c:4246: |4| 07b0:  03 01 00 01 a3 82 01 3b 30 82 01 37 30 12 06 03  .......;0..70...

ssl_tls.c:4246: |4| 07c0:  55 1d 13 01 01 ff 04 08 30 06 01 01 ff 02 01 00  U.......0.......

ssl_tls.c:4246: |4| 07d0:  30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 01 86  0...U...........

ssl_tls.c:4246: |4| 07e0:  30 1d 06 03 55 1d 0e 04 16 04 14 59 a4 66 06 52  0...U......Y.f.R

ssl_tls.c:4246: |4| 07f0:  a0 7b 95 92 3c a3 94 07 27 96 74 5b f9 3d d0 30  .{..<...'.t[.=.0

ssl_tls.c:4246: |4| 0800:  1f 06 03 55 1d 23 04 18 30 16 80 14 84 18 cc 85  ...U.#..0.......

ssl_tls.c:4246: |4| 0810:  34 ec bc 0c 94 94 2e 08 59 9c c7 b2 10 4e 0a 08  4.......Y....N..

ssl_tls.c:4246: |4| 0820:  30 7b 06 08 2b 06 01 05 05 07 01 01 04 6f 30 6d  0{..+........o0m

ssl_tls.c:4246: |4| 0830:  30 2f 06 08 2b 06 01 05 05 07 30 01 86 23 68 74  0/..+.....0..#ht

ssl_tls.c:4246: |4| 0840:  74 70 3a 2f 2f 6f 63 73 70 2e 72 6f 6f 74 63 61  tp://ocsp.rootca

ssl_tls.c:4246: |4| 0850:  31 2e 61 6d 61 7a 6f 6e 74 72 75 73 74 2e 63 6f  1.amazontrust.co

ssl_tls.c:4246: |4| 0860:  6d 30 3a 06 08 2b 06 01 05 05 07 30 02 86 2e 68  m0:..+.....0...h

ssl_tls.c:4246: |4| 0870:  74 74 70 3a 2f 2f 63 72 74 2e 72 6f 6f 74 63 61  ttp://crt.rootca

ssl_tls.c:4246: |4| 0880:  31 2e 61 6d 61 7a 6f 6e 74 72 75 73 74 2e 63 6f  1.amazontrust.co

ssl_tls.c:4246: |4| 0890:  6d 2f 72 6f 6f 74 63 61 31 2e 63 65 72 30 3f 06  m/rootca1.cer0?.

ssl_tls.c:4246: |4| 08a0:  03 55 1d 1f 04 38 30 36 30 34 a0 32 a0 30 86 2e  .U...80604.2.0..

ssl_tls.c:4246: |4| 08b0:  68 74 74 70 3a 2f 2f 63 72 6c 2e 72 6f 6f 74 63  http://crl.rootc

ssl_tls.c:4246: |4| 08c0:  61 31 2e 61 6d 61 7a 6f 6e 74 72 75 73 74 2e 63  a1.amazontrust.c

ssl_tls.c:4246: |4| 08d0:  6f 6d 2f 72 6f 6f 74 63 61 31 2e 63 72 6c 30 13  om/rootca1.crl0.

ssl_tls.c:4246: |4| 08e0:  06 03 55 1d 20 04 0c 30 0a 30 08 06 06 67 81 0c  ..U. ..0.0...g..

ssl_tls.c:4246: |4| 08f0:  01 02 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 0b  ...0....H......

ssl_tls.c:4246: |4| 0900:  05 00 03 82 01 01 00 85 92 be 35 bb 79 cf a3 81  ..........5.y...

ssl_tls.c:4246: |4| 0910:  42 1c e4 e3 63 73 53 39 52 35 e7 d1 ad fd ae 99  B...csS9R5......

ssl_tls.c:4246: |4| 0920:  8a ac 89 12 2f bb e7 6f 9a d5 4e 72 ea 20 30 61  ..../..o..Nr. 0a

ssl_tls.c:4246: |4| 0930:  f9 97 b2 cd a5 27 02 45 a8 ca 76 3e 98 4a 83 9e  .....'.E..v>.J..

ssl_tls.c:4246: |4| 0940:  b6 e6 45 e0 f2 43 f6 08 de 6d e8 6e db 31 07 13  ..E..C...m.n.1..

ssl_tls.c:4246: |4| 0950:  f0 2f 31 0d 93 6d 61 37 7b 58 f0 fc 51 98 91 28  ./1..ma7{X..Q..(

ssl_tls.c:4246: |4| 0960:  02 4f 05 76 b7 d3 f0 1b c2 e6 5e d0 66 85 11 0f  .O.v......^.f...

ssl_tls.c:4246: |4| 0970:  2e 81 c6 10 81 29 fe 20 60 48 f3 f2 f0 84 13 53  .....). H.....S ssl_tls.c:4246: |4| 0980:  65 35 15 11 6b 82 51 40 55 57 5f 18 b5 b0 22 3e  e5..k.Q@UW_..."> ssl_tls.c:4246: |4| 0990:  ad f2 5e a3 01 e3 c3 b3 f9 cb 41 5a e6 52 91 bb  ..^.......AZ.R.. ssl_tls.c:4246: |4| 09a0:  e4 36 87 4f 2d a9 a4 07 68 35 ba 94 72 cd 0e ea  .6.O-...h5..r... ssl_tls.c:4246: |4| 09b0:  0e 7d 57 f2 79 fc 37 c5 7b 60 9e b2 eb c0 2d 90  .}W.y.7.{....-.

ssl_tls.c:4246: |4| 09c0:  77 0d 49 10 27 a5 38 ad c4 12 a3 b4 a3 c8 48 b3  w.I.'.8.......H.

ssl_tls.c:4246: |4| 09d0:  15 0b 1e e2 e2 19 dc c4 76 52 c8 bc 8a 41 78 70  ........vR...Axp

ssl_tls.c:4246: |4| 09e0:  d9 6d 97 b3 4a 8b 78 2d 5e b4 0f a3 4c 60 ca e1  .m..J.x-^...L.. ssl_tls.c:4246: |4| 09f0:  47 cb 78 2d 12 17 b1 52 8b ca 39 2c bd b5 2f c2  G.x-...R..9,../. ssl_tls.c:4246: |4| 0a00:  33 02 96 ab da 94 7f 00 04 96 30 82 04 92 30 82  3.........0...0. ssl_tls.c:4246: |4| 0a10:  03 7a a0 03 02 01 02 02 13 06 7f 94 4a 2a 27 cd  .z..........J*'. ssl_tls.c:4246: |4| 0a20:  f3 fa c2 ae 2b 01 f9 08 ee b9 c4 c6 30 0d 06 09  ....+.......0... ssl_tls.c:4246: |4| 0a30:  2a 86 48 86 f7 0d 01 01 0b 05 00 30 81 98 31 0b  *.H........0..1. ssl_tls.c:4246: |4| 0a40:  30 09 06 03 55 04 06 13 02 55 53 31 10 30 0e 06  0...U....US1.0.. ssl_tls.c:4246: |4| 0a50:  03 55 04 08 13 07 41 72 69 7a 6f 6e 61 31 13 30  .U....Arizona1.0 ssl_tls.c:4246: |4| 0a60:  11 06 03 55 04 07 13 0a 53 63 6f 74 74 73 64 61  ...U....Scottsda ssl_tls.c:4246: |4| 0a70:  6c 65 31 25 30 23 06 03 55 04 0a 13 1c 53 74 61  le1%0#..U....Sta ssl_tls.c:4246: |4| 0a80:  72 66 69 65 6c 64 20 54 65 63 68 6e 6f 6c 6f 67  rfield Technolog ssl_tls.c:4246: |4| 0a90:  69 65 73 2c 20 49 6e 63 2e 31 3b 30 39 06 03 55  ies, Inc.1;09..U ssl_tls.c:4246: |4| 0aa0:  04 03 13 32 53 74 61 72 66 69 65 6c 64 20 53 65  ...2Starfield Se ssl_tls.c:4246: |4| 0ab0:  72 76 69 63 65 73 20 52 6f 6f 74 20 43 65 72 74  rvices Root Cert ssl_tls.c:4246: |4| 0ac0:  69 66 69 63 61 74 65 20 41 75 74 68 6f 72 69 74  ificate Authorit ssl_tls.c:4246: |4| 0ad0:  79 20 2d 20 47 32 30 1e 17 0d 31 35 30 35 32 35  y - G20...150525 ssl_tls.c:4246: |4| 0ae0:  31 32 30 30 30 30 5a 17 0d 33 37 31 32 33 31 30  120000Z..3712310 ssl_tls.c:4246: |4| 0af0:  31 30 30 30 30 5a 30 39 31 0b 30 09 06 03 55 04  10000Z091.0...U. ssl_tls.c:4246: |4| 0b00:  06 13 02 55 53 31 0f 30 0d 06 03 55 04 0a 13 06  ...US1.0...U.... ssl_tls.c:4246: |4| 0b10:  41 6d 61 7a 6f 6e 31 19 30 17 06 03 55 04 03 13  Amazon1.0...U... ssl_tls.c:4246: |4| 0b20:  10 41 6d 61 7a 6f 6e 20 52 6f 6f 74 20 43 41 20  .Amazon Root CA  ssl_tls.c:4246: |4| 0b30:  31 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01  10.."0...*.H.... ssl_tls.c:4246: |4| 0b40:  01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01  .........0...... ssl_tls.c:4246: |4| 0b50:  01 00 b2 78 80 71 ca 78 d5 e3 71 af 47 80 50 74  ...x.q.x..q.G.Pt ssl_tls.c:4246: |4| 0b60:  7d 6e d8 d7 88 76 f4 99 68 f7 58 21 60 f9 74 84  }n...v..h.X!.t.

ssl_tls.c:4246: |4| 0b70:  01 2f ac 02 2d 86 d3 a0 43 7a 4e b2 a4 d0 36 ba  ./..-...CzN...6.

ssl_tls.c:4246: |4| 0b80:  01 be 8d db 48 c8 07 17 36 4c f4 ee 88 23 c7 3e  ....H...6L...#.>

ssl_tls.c:4246: |4| 0b90:  eb 37 f5 b5 19 f8 49 68 b0 de d7 b9 76 38 1d 61  .7....Ih....v8.a

ssl_tls.c:4246: |4| 0ba0:  9e a4 fe 82 36 a5 e5 4a 56 e4 45 e1 f9 fd b4 16  ....6..JV.E.....

ssl_tls.c:4246: |4| 0bb0:  fa 74 da 9c 9b 35 39 2f fa b0 20 50 06 6c 7a d0  .t...59/.. P.lz.

ssl_tls.c:4246: |4| 0bc0:  80 b2 a6 f9 af ec 47 19 8f 50 38 07 dc a2 87 39  ......G..P8....9

ssl_tls.c:4246: |4| 0bd0:  58 f8 ba d5 a9 f9 48 67 30 96 ee 94 78 5e 6f 89  X.....Hg0...x^o.

ssl_tls.c:4246: |4| 0be0:  a3 51 c0 30 86 66 a1 45 66 ba 54 eb a3 c3 91 f9  .Q.0.f.Ef.T.....

ssl_tls.c:4246: |4| 0bf0:  48 dc ff d1 e8 30 2d 7d 2d 74 70 35 d7 88 24 f7  H....0-}-tp5..$.

ssl_tls.c:4246: |4| 0c00:  9e c4 59 6e bb 73 87 17 f2 32 46 28 b8 43 fa b7  ..Yn.s...2F(.C..

ssl_tls.c:4246: |4| 0c10:  1d aa ca b4 f2 9f 24 0e 2d 4b f7 71 5c 5e 69 ff  ......$.-K.q^i.

ssl_tls.c:4246: |4| 0c20:  ea 95 02 cb 38 8a ae 50 38 6f db fb 2d 62 1b c5  ....8..P8o..-b..

ssl_tls.c:4246: |4| 0c30:  c7 1e 54 e1 77 e0 67 c8 0f 9c 87 23 d6 3f 40 20  ..T.w.g....#.?@

ssl_tls.c:4246: |4| 0c40:  7f 20 80 c4 80 4c 3e 3b 24 26 8e 04 ae 6c 9a c8  . ...L>;$&...l..

ssl_tls.c:4246: |4| 0c50:  aa 0d 02 03 01 00 01 a3 82 01 31 30 82 01 2d 30  ..........10..-0

ssl_tls.c:4246: |4| 0c60:  0f 06 03 55 1d 13 01 01 ff 04 05 30 03 01 01 ff  ...U.......0....

ssl_tls.c:4246: |4| 0c70:  30 0e 06 03 55 1d 0f 01 01 ff 04 04 03 02 01 86  0...U...........

ssl_tls.c:4246: |4| 0c80:  30 1d 06 03 55 1d 0e 04 16 04 14 84 18 cc 85 34  0...U..........4

ssl_tls.c:4246: |4| 0c90:  ec bc 0c 94 94 2e 08 59 9c c7 b2 10 4e 0a 08 30  .......Y....N..0

ssl_tls.c:4246: |4| 0ca0:  1f 06 03 55 1d 23 04 18 30 16 80 14 9c 5f 00 df  ...U.#..0......

ssl_tls.c:4246: |4| 0cb0:  aa 01 d7 30 2b 38 88 a2 b8 6d 4a 9c f2 11 91 83  ...0+8...mJ.....

ssl_tls.c:4246: |4| 0cc0:  30 78 06 08 2b 06 01 05 05 07 01 01 04 6c 30 6a  0x..+........l0j

ssl_tls.c:4246: |4| 0cd0:  30 2e 06 08 2b 06 01 05 05 07 30 01 86 22 68 74  0...+.....0.."ht

ssl_tls.c:4246: |4| 0ce0:  74 70 3a 2f 2f 6f 63 73 70 2e 72 6f 6f 74 67 32  tp://ocsp.rootg2

ssl_tls.c:4246: |4| 0cf0:  2e 61 6d 61 7a 6f 6e 74 72 75 73 74 2e 63 6f 6d  .amazontrust.com

ssl_tls.c:4246: |4| 0d00:  30 38 06 08 2b 06 01 05 05 07 30 02 86 2c 68 74  08..+.....0..,ht

ssl_tls.c:4246: |4| 0d10:  74 70 3a 2f 2f 63 72 74 2e 72 6f 6f 74 67 32 2e  tp://crt.rootg2.

ssl_tls.c:4246: |4| 0d20:  61 6d 61 7a 6f 6e 74 72 75 73 74 2e 63 6f 6d 2f  amazontrust.com/

ssl_tls.c:4246: |4| 0d30:  72 6f 6f 74 67 32 2e 63 65 72 30 3d 06 03 55 1d  rootg2.cer0=..U.

ssl_tls.c:4246: |4| 0d40:  1f 04 36 30 34 30 32 a0 30 a0 2e 86 2c 68 74 74  ..60402.0...,htt

ssl_tls.c:4246: |4| 0d50:  70 3a 2f 2f 63 72 6c 2e 72 6f 6f 74 67 32 2e 61  p://crl.rootg2.a

ssl_tls.c:4246: |4| 0d60:  6d 61 7a 6f 6e 74 72 75 73 74 2e 63 6f 6d 2f 72  mazontrust.com/r

ssl_tls.c:4246: |4| 0d70:  6f 6f 74 67 32 2e 63 72 6c 30 11 06 03 55 1d 20  ootg2.crl0...U.

ssl_tls.c:4246: |4| 0d80:  04 0a 30 08 30 06 06 04 55 1d 20 00 30 0d 06 09  ..0.0...U. .0...

ssl_tls.c:4246: |4| 0d90:  2a 86 48 86 f7 0d 01 01 0b 05 00 03 82 01 01 00  *.H.............

ssl_tls.c:4246: |4| 0da0:  62 37 42 5c bc 10 b5 3e 8b 2c e9 0c 9b 6c 45 e2  b7B...>.,...lE.

ssl_tls.c:4246: |4| 0db0:  07 00 7a f9 c5 58 0b b9 08 8c 3e ed b3 25 3c b5  ..z..X....>..%<.

ssl_tls.c:4246: |4| 0dc0:  6f 50 e4 cd 35 6a a7 93 34 96 32 21 a9 48 44 ab  oP..5j..4.2!.HD.

ssl_tls.c:4246: |4| 0dd0:  9c ed 3d b4 aa 73 6d e4 7f 16 80 89 6c cf 28 03  ..=..sm.....l.(.

ssl_tls.c:4246: |4| 0de0:  18 83 47 79 a3 10 7e 30 5b ac 3b b0 60 e0 77 d4  ..Gy..~0[.;.`.w.

ssl_tls.c:4246: |4| 0df0:  08 a6 e1 1d 7c 5e c0 bb f9 9a 7b 22 9d a7 00 09  ....|^....{"....

ssl_tls.c:4246: |4| 0e00:  7e ac 46 17 83 dc 9c 26 57 99 30 39 62 96 8f ed  ~.F....&W.09b...

ssl_tls.c:4246: |4| 0e10:  da de aa c5 cc 1b 3e ca 43 68 6c 57 16 bc d5 0e  ......>.ChlW....

ssl_tls.c:4246: |4| 0e20:  20 2e fe ff c2 6a 5d 2e a0 4a 6d 14 58 87 94 e6   ....j]..Jm.X...

ssl_tls.c:4246: |4| 0e30:  39 31 5f 7c 73 cb 90 88 6a 84 11 96 27 a6 ed d9  91|s...j...'...

ssl_tls.c:4246: |4| 0e40:  81 46 a6 7e a3 72 00 0a 52 3e 83 88 07 63 77 89  .F..r..R>...cw.

ssl_tls.c:4246: |4| 0e50:  69 17 0f 39 85 d2 ab 08 45 4d d0 51 3a fd 5d 5d  i..9....EM.Q:.]]

ssl_tls.c:4246: |4| 0e60:  37 64 4c 7e 30 b2 55 24 42 9d 36 b0 5d 9c 17 81  7dL0.U$B.6.]...

ssl_tls.c:4246: |4| 0e70:  61 f1 ca f9 10 02 24 ab eb 0d 74 91 8d 7b 45 29  a.....$...t..{E)

ssl_tls.c:4246: |4| 0e80:  50 39 88 b2 a6 89 35 25 1e 14 6a 47 23 31 2f 5c  P9....5%..jG#1/

ssl_tls.c:4246: |4| 0e90:  9a fa ad 9a 0e 62 51 a4 2a a9 c4 f9 34 9d 21 18  .....bQ....4.!.

ssl_tls.c:4246: |4| 0ea0:  00 04 79 30 82 04 75 30 82 03 5d a0 03 02 01 02  ..y0..u0..].....

ssl_tls.c:4246: |4| 0eb0:  02 09 00 a7 0e 4a 4c 34 82 b7 7f 30 0d 06 09 2a  .....JL4...0...

ssl_tls.c:4246: |4| 0ec0:  86 48 86 f7 0d 01 01 0b 05 00 30 68 31 0b 30 09  .H........0h1.0.

ssl_tls.c:4246: |4| 0ed0:  06 03 55 04 06 13 02 55 53 31 25 30 23 06 03 55  ..U....US1%0#..U

ssl_tls.c:4246: |4| 0ee0:  04 0a 13 1c 53 74 61 72 66 69 65 6c 64 20 54 65  ....Starfield Te

ssl_tls.c:4246: |4| 0ef0:  63 68 6e 6f 6c 6f 67 69 65 73 2c 20 49 6e 63 2e  chnologies, Inc.

ssl_tls.c:4246: |4| 0f00:  31 32 30 30 06 03 55 04 0b 13 29 53 74 61 72 66  1200..U...)Starf

ssl_tls.c:4246: |4| 0f10:  69 65 6c 64 20 43 6c 61 73 73 20 32 20 43 65 72  ield Class 2 Cer

ssl_tls.c:4246: |4| 0f20:  74 69 66 69 63 61 74 69 6f 6e 20 41 75 74 68 6f  tification Autho

ssl_tls.c:4246: |4| 0f30:  72 69 74 79 30 1e 17 0d 30 39 30 39 30 32 30 30  rity0...09090200

ssl_tls.c:4246: |4| 0f40:  30 30 30 30 5a 17 0d 33 34 30 36 32 38 31 37 33  0000Z..340628173

ssl_tls.c:4246: |4| 0f50:  39 31 36 5a 30 81 98 31 0b 30 09 06 03 55 04 06  916Z0..1.0...U..

ssl_tls.c:4246: |4| 0f60:  13 02 55 53 31 10 30 0e 06 03 55 04 08 13 07 41  ..US1.0...U....A

ssl_tls.c:4246: |4| 0f70:  72 69 7a 6f 6e 61 31 13 30 11 06 03 55 04 07 13  rizona1.0...U...

ssl_tls.c:4246: |4| 0f80:  0a 53 63 6f 74 74 73 64 61 6c 65 31 25 30 23 06  .Scottsdale1%0#.

ssl_tls.c:4246: |4| 0f90:  03 55 04 0a 13 1c 53 74 61 72 66 69 65 6c 64 20  .U....Starfield

ssl_tls.c:4246: |4| 0fa0:  54 65 63 68 6e 6f 6c 6f 67 69 65 73 2c 20 49 6e  Technologies, In

ssl_tls.c:4246: |4| 0fb0:  63 2e 31 3b 30 39 06 03 55 04 03 13 32 53 74 61  c.1;09..U...2Sta

ssl_tls.c:4246: |4| 0fc0:  72 66 69 65 6c 64 20 53 65 72 76 69 63 65 73 20  rfield Services

ssl_tls.c:4246: |4| 0fd0:  52 6f 6f 74 20 43 65 72 74 69 66 69 63 61 74 65  Root Certificate

ssl_tls.c:4246: |4| 0fe0:  20 41 75 74 68 6f 72 69 74 79 20 2d 20 47 32 30   Authority - G20

ssl_tls.c:4246: |4| 0ff0:  82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01  .."0....H......

ssl_tls.c:3632: |3| handshake message: msglen = 4887, type = 11, hslen = 4887

ssl_tls.c:4399: |2| <= read record

ssl_tls.c:5620: |3| peer certificate #1:

ssl_tls.c:5620: |3| cert. version     : 3

ssl_tls.c:5620: |3| serial number     : 0B:A7:6B:FF:E6:49:97:B3:ED:47:6A:71:6C:0C:C7:07

ssl_tls.c:5620: |3| issuer name       : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

ssl_tls.c:5620: |3| subject name      : CN=.iot.ap-south-1.amazonaws.com

ssl_tls.c:5620: |3| issued  on        : 2020-08-20 00:00:00

ssl_tls.c:5620: |3| expires on        : 2021-08-19 12:00:00

ssl_tls.c:5620: |3| signed using      : RSA with SHA-256

ssl_tls.c:5620: |3| RSA key size      : 2048 bits

ssl_tls.c:5620: |3| basic constraints : CA=false

ssl_tls.c:5620: |3| subject alt name  : iot.ap-south-1.amazonaws.com, *.iot.ap-south-1.amazonaws.com

ssl_tls.c:5620: |3| key usage         : Digital Signature, Key Encipherment

ssl_tls.c:5620: |3| ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication

ssl_tls.c:5620: |3| value of 'crt->rsa.N' (2048 bits) is:

ssl_tls.c:5620: |3|  d1 18 46 dd 2f 4b 6d ec c8 16 fd c9 91 48 e9 be

ssl_tls.c:5620: |3|  b7 0a b1 6f c0 d4 42 7f f6 be 2d 3c ee 4e 30 e0

ssl_tls.c:5620: |3|  58 92 cd 3a 10 4c 85 4c 6a 5b db 97 4f 90 8d d8

ssl_tls.c:5620: |3|  b2 70 86 f2 93 2f 05 8b f7 6d 3e 4f f6 f6 fd 38

ssl_tls.c:5620: |3|  ae c5 b8 83 b2 d9 db 3a 75 88 88 85 15 b0 78 a2

ssl_tls.c:5620: |3|  fd 51 85 b2 35 6e 99 48 8a bd b9 6f 7c d4 c0 ce

ssl_tls.c:5620: |3|  8b ee 57 1f 1e f8 53 46 50 ad 60 d0 6a 4e 59 da

ssl_tls.c:5620: |3|  93 73 b6 13 92 76 15 a1 44 b7 78 2c 91 70 27 21

ssl_tls.c:5620: |3|  c4 54 fe 51 20 e7 4a e1 26 13 18 3d 1f 54 4c c0

ssl_tls.c:5620: |3|  bc 56 2d 5f d0 20 c6 5c 20 26 7c 8f fd 98 2f 8c

ssl_tls.c:5620: |3|  84 09 50 d4 86 3c a8 ff 46 b9 63 2e b1 0d a8 a6

ssl_tls.c:5620: |3|  2e f4 58 ec ee f3 49 a5 51 5e 92 16 10 7c ee 91

ssl_tls.c:5620: |3|  06 ad 9d be a6 76 0a 0e b8 48 f8 82 c5 8e 37 bc

ssl_tls.c:5620: |3|  ec 19 60 10 d5 e6 13 b2 4c 7d 48 d2 cd 6f 77 f2

ssl_tls.c:5620: |3|  8a 35 54 e0 b3 bb 64 cf 00 3f 3a b0 4b 24 db 89

ssl_tls.c:5620: |3|  70 31 5c 65 9a 8d 21 cf 36 1a f9 95 27 82 95 81

ssl_tls.c:5620: |3| value of 'crt->rsa.E' (17 bits) is:

ssl_tls.c:5620: |3|  01 00 01

ssl_tls.c:5620: |3| peer certificate #2:

ssl_tls.c:5620: |3| cert. version     : 3

ssl_tls.c:5620: |3| serial number     : 06:7F:94:57:85:87:E8:AC:77:DE:B2:53:32:5B:BC:99:8B:56:0D

ssl_tls.c:5620: |3| issuer name       : C=US, O=Amazon, CN=Amazon Root CA 1

ssl_tls.c:5620: |3| subject name      : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

ssl_tls.c:5620: |3| issued  on        : 2015-10-22 00:00:00

ssl_tls.c:5620: |3| expires on        : 2025-10-19 00:00:00

ssl_tls.c:5620: |3| signed using      : RSA with SHA-256

ssl_tls.c:5620: |3| RSA key size      : 2048 bits

ssl_tls.c:5620: |3| basic constraints : CA=true, max_pathlen=0

ssl_tls.c:5620: |3| key usage         : Digital Signature, Key Cert Sign, CRL Sign

ssl_tls.c:5620: |3| value of 'crt->rsa.N' (2048 bits) is:

ssl_tls.c:5620: |3|  c2 4e 16 67 dd ce bc 6a c8 37 5a ec 3a 30 b0 1d

ssl_tls.c:5620: |3|  e6 d1 12 e8 12 28 48 cc e8 29 c1 b9 6e 53 d5 a3

ssl_tls.c:5620: |3|  eb 03 39 1a cc 77 87 f6 01 b9 d9 70 cc cf 6b 8d

ssl_tls.c:5620: |3|  e3 e3 03 71 86 99 6d cb a6 94 2a 4e 13 d6 a7 bd

ssl_tls.c:5620: |3|  04 ec 0a 16 3c 0a eb 39 b1 c4 b5 58 a3 b6 c7 56

ssl_tls.c:5620: |3|  25 ec 3e 52 7a a8 e3 29 16 07 b9 6e 50 cf fb 5f

ssl_tls.c:5620: |3|  31 f8 1d ba 03 4a 62 89 03 ae 3e 47 f2 0f 27 91

ssl_tls.c:5620: |3|  e3 14 20 85 f8 fa e9 8a 35 f5 5f 9e 99 4d e7 6b

ssl_tls.c:5620: |3|  37 ef a4 50 3e 44 ec fa 5a 85 66 07 9c 7e 17 6a

ssl_tls.c:5620: |3|  55 f3 17 8a 35 1e ee e9 ac c3 75 4e 58 55 7d 53

ssl_tls.c:5620: |3|  6b 0a 6b 9b 14 42 d7 e5 ac 01 89 b3 ea a3 fe cf

ssl_tls.c:5620: |3|  c0 2b 0c 84 c2 d8 53 15 cb 67 f0 d0 88 ca 3a d1

ssl_tls.c:5620: |3|  17 73 f5 5f 9a d4 c5 72 1e 7e 01 f1 98 30 63 2a

ssl_tls.c:5620: |3|  aa f2 7a 2d c5 e2 02 1a 86 e5 32 3e 0e bd 11 b4

ssl_tls.c:5620: |3|  cf 3c 93 ef 17 50 10 9e 43 c2 06 2a e0 0d 68 be

ssl_tls.c:5620: |3|  d3 88 8b 4a 65 8c 4a d4 c3 2e 4c 9b 55 f4 86 e5

ssl_tls.c:5620: |3| value of 'crt->rsa.E' (17 bits) is:

ssl_tls.c:5620: |3|  01 00 01

ssl_tls.c:5620: |3| peer certificate #3:

ssl_tls.c:5620: |3| cert. version     : 3

ssl_tls.c:5620: |3| serial number     : 06:7F:94:4A:2A:27:CD:F3:FA:C2:AE:2B:01:F9:08:EE:B9:C4:C6

ssl_tls.c:5620: |3| issuer name       : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2

ssl_tls.c:5620: |3| subject name      : C=US, O=Amazon, CN=Amazon Root CA 1

ssl_tls.c:5620: |3| issued  on        : 2015-05-25 12:00:00

ssl_tls.c:5620: |3| expires on        : 2037-12-31 01:00:00

ssl_tls.c:5620: |3| signed using      : RSA with SHA-256

ssl_tls.c:5620: |3| RSA key size      : 2048 bits

ssl_tls.c:5620: |3| basic constraints : CA=true

ssl_tls.c:5620: |3| key usage         : Digital Signature, Key Cert Sign, CRL Sign

ssl_tls.c:5620: |3| value of 'crt->rsa.N' (2048 bits) is:

ssl_tls.c:5620: |3|  b2 78 80 71 ca 78 d5 e3 71 af 47 80 50 74 7d 6e

ssl_tls.c:5620: |3|  d8 d7 88 76 f4 99 68 f7 58 21 60 f9 74 84 01 2f

ssl_tls.c:5620: |3|  ac 02 2d 86 d3 a0 43 7a 4e b2 a4 d0 36 ba 01 be

ssl_tls.c:5620: |3|  8d db 48 c8 07 17 36 4c f4 ee 88 23 c7 3e eb 37

ssl_tls.c:5620: |3|  f5 b5 19 f8 49 68 b0 de d7 b9 76 38 1d 61 9e a4

ssl_tls.c:5620: |3|  fe 82 36 a5 e5 4a 56 e4 45 e1 f9 fd b4 16 fa 74

ssl_tls.c:5620: |3|  da 9c 9b 35 39 2f fa b0 20 50 06 6c 7a d0 80 b2

ssl_tls.c:5620: |3|  a6 f9 af ec 47 19 8f 50 38 07 dc a2 87 39 58 f8

ssl_tls.c:5620: |3|  ba d5 a9 f9 48 67 30 96 ee 94 78 5e 6f 89 a3 51

ssl_tls.c:5620: |3|  c0 30 86 66 a1 45 66 ba 54 eb a3 c3 91 f9 48 dc

ssl_tls.c:5620: |3|  ff d1 e8 30 2d 7d 2d 74 70 35 d7 88 24 f7 9e c4

ssl_tls.c:5620: |3|  59 6e bb 73 87 17 f2 32 46 28 b8 43 fa b7 1d aa

ssl_tls.c:5620: |3|  ca b4 f2 9f 24 0e 2d 4b f7 71 5c 5e 69 ff ea 95

ssl_tls.c:5620: |3|  02 cb 38 8a ae 50 38 6f db fb 2d 62 1b c5 c7 1e

ssl_tls.c:5620: |3|  54 e1 77 e0 67 c8 0f 9c 87 23 d6 3f 40 20 7f 20

ssl_tls.c:5620: |3|  80 c4 80 4c 3e 3b 24 26 8e 04 ae 6c 9a c8 aa 0d

ssl_tls.c:5620: |3| value of 'crt->rsa.E' (17 bits) is:

ssl_tls.c:5620: |3|  01 00 01

ssl_tls.c:5620: |3| peer certificate #4:

ssl_tls.c:5620: |3| cert. version     : 3

ssl_tls.c:5620: |3| serial number     : A7:0E:4A:4C:34:82:B7:7F

ssl_tls.c:5620: |3| issuer name       : C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority

ssl_tls.c:5620: |3| subject name      : C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2

ssl_tls.c:5620: |3| issued  on        : 2009-09-02 00:00:00

ssl_tls.c:5620: |3| expires on        : 2034-06-28 17:39:16

ssl_tls.c:5620: |3| signed using      : RSA with SHA-256

ssl_tls.c:5620: |3| RSA key size      : 2048 bits

ssl_tls.c:5620: |3| basic constraints : CA=true

ssl_tls.c:5620: |3| key usage         : Digital Signature, Key Cert Sign, CRL Sign

ssl_tls.c:5620: |3| value of 'crt->rsa.N' (2048 bits) is:

ssl_tls.c:5620: |3|  d5 0c 3a c4 2a f9 4e e2 f5 be 19 97 5f 8e 88 53

ssl_tls.c:5620: |3|  b1 1f 3f cb cf 9f 20 13 6d 29 3a c8 0f 7d 3c f7

ssl_tls.c:5620: |3|  6b 76 38 63 d9 36 60 a8 9b 5e 5c 00 80 b2 2f 59

ssl_tls.c:5620: |3|  7f f6 87 f9 25 43 86 e7 69 1b 52 9a 90 e1 71 e3

ssl_tls.c:5620: |3|  d8 2d 0d 4e 6f f6 c8 49 d9 b6 f3 1a 56 ae 2b b6

ssl_tls.c:5620: |3|  74 14 eb cf fb 26 e3 1a ba 1d 96 2e 6a 3b 58 94

ssl_tls.c:5620: |3|  89 47 56 ff 25 a0 93 70 53 83 da 84 74 14 c3 67

ssl_tls.c:5620: |3|  9e 04 68 3a df 8e 40 5a 1d 4a 4e cf 43 91 3b e7

ssl_tls.c:5620: |3|  56 d6 00 70 cb 52 ee 7b 7d ae 3a e7 bc 31 f9 45

ssl_tls.c:5620: |3|  f6 c2 60 cf 13 59 02 2b 80 cc 34 47 df b9 de 90

ssl_tls.c:5620: |3|  65 6d 02 cf 2c 91 a6 a6 e7 de 85 18 49 7c 66 4e

ssl_tls.c:5620: |3|  a3 3a 6d a9 b5 ee 34 2e ba 0d 03 b8 33 df 47 eb

ssl_tls.c:5620: |3|  b1 6b 8d 25 d9 9b ce 81 d1 45 46 32 96 70 87 de

ssl_tls.c:5620: |3|  02 0e 49 43 85 b6 6c 73 bb 64 ea 61 41 ac c9 d4

ssl_tls.c:5620: |3|  54 df 87 2f c7 22 b2 26 cc 9f 59 54 68 9f fc be

ssl_tls.c:5620: |3|  2a 2f c4 55 1c 75 40 60 17 85 02 55 39 8b 7f 05

ssl_tls.c:5620: |3| value of 'crt->rsa.E' (17 bits) is:

ssl_tls.c:5620: |3|  01 00 01

DEBUG:   _iot_tls_verify_cert L#66

Verify requested for (Depth 2):

DEBUG:   _iot_tls_verify_cert L#68 cert. version     : 3

serial number     : 06:6C:9F:CF:99:BF:8C:0A:39:E2:F0:78:8A:43:E6:96:36:5B:CA

issuer name       : C=US, O=Amazon, CN=Amazon Root CA 1

subject name      : C=US, O=Amazon, CN=Amazon Root CA 1

issued  on        : 2015-05-26 00:00:00

expires on        : 2038-01-17 00:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=true

key usage         : Digital Signature, Key Cert Sign, CRL Sign

DEBUG:   _iot_tls_verify_cert L#73 cert. version     : 3

serial number     : 06:6C:9F:CF:99:BF:8C:0A:39:E2:F0:78:8A:43:E6:96:36:5B:CA

issuer name       : C=US, O=Amazon, CN=Amazon Root CA 1

subject name      : C=US, O=Amazon, CN=Amazon Root CA 1

issued  on        : 2015-05-26 00:00:00

expires on        : 2038-01-17 00:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=true

key usage         : Digital Signature, Key Cert Sign, CRL Sign

DEBUG:   _iot_tls_verify_cert L#74 cert. version     : 3

serial number     : 06:6C:9F:CF:99:BF:8C:0A:39:E2:F0:78:8A:43:E6:96:36:5B:CA

issuer name       : C=US, O=Amazon, CN=Amazon Root CA 1

subject name      : C=US, O=Amazon, CN=Amazon Root CA 1

issued  on        : 2015-05-26 00:00:00

expires on        : 2038-01-17 00:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=true

key usage         : Digital Signature, Key Cert Sign, CRL Sign

DEBUG:   _iot_tls_verify_cert L#66

Verify requested for (Depth 1):

DEBUG:   _iot_tls_verify_cert L#68 cert. version     : 3

serial number     : 06:7F:94:57:85:87:E8:AC:77:DE:B2:53:32:5B:BC:99:8B:56:0D

issuer name       : C=US, O=Amazon, CN=Amazon Root CA 1

subject name      : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

issued  on        : 2015-10-22 00:00:00

expires on        : 2025-10-19 00:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=true, max_pathlen=0

key usage         : Digital Signature, Key Cert Sign, CRL Sign

DEBUG:   _iot_tls_verify_cert L#73 cert. version     : 3

serial number     : 06:7F:94:57:85:87:E8:AC:77:DE:B2:53:32:5B:BC:99:8B:56:0D

issuer name       : C=US, O=Amazon, CN=Amazon Root CA 1

subject name      : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

issued  on        : 2015-10-22 00:00:00

expires on        : 2025-10-19 00:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=true, max_pathlen=0

key usage         : Digital Signature, Key Cert Sign, CRL Sign

DEBUG:   _iot_tls_verify_cert L#74 cert. version     : 3

serial number     : 06:7F:94:57:85:87:E8:AC:77:DE:B2:53:32:5B:BC:99:8B:56:0D

issuer name       : C=US, O=Amazon, CN=Amazon Root CA 1

subject name      : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

issued  on        : 2015-10-22 00:00:00

expires on        : 2025-10-19 00:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=true, max_pathlen=0

key usage         : Digital Signature, Key Cert Sign, CRL Sign

DEBUG:   _iot_tls_verify_cert L#66

Verify requested for (Depth 0):

DEBUG:   _iot_tls_verify_cert L#68 cert. version     : 3

serial number     : 0B:A7:6B:FF:E6:49:97:B3:ED:47:6A:71:6C:0C:C7:07

issuer name       : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

subject name      : CN=*.iot.ap-south-1.amazonaws.com

issued  on        : 2020-08-20 00:00:00

expires on        : 2021-08-19 12:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=false

subject alt name  : iot.ap-south-1.amazonaws.com, *.iot.ap-south-1.amazonaws.com

key usage         : Digital Signature, Key Encipherment

ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication

DEBUG:   _iot_tls_verify_cert L#73 cert. version     : 3

serial number     : 0B:A7:6B:FF:E6:49:97:B3:ED:47:6A:71:6C:0C:C7:07

issuer name       : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

subject name      : CN=*.iot.ap-south-1.amazonaws.com

issued  on        : 2020-08-20 00:00:00

expires on        : 2021-08-19 12:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=false

subject alt name  : iot.ap-south-1.amazonaws.com, *.iot.ap-south-1.amazonaws.com

key usage         : Digital Signature, Key Encipherment

ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication

DEBUG:   _iot_tls_verify_cert L#74 cert. version     : 3

serial number     : 0B:A7:6B:FF:E6:49:97:B3:ED:47:6A:71:6C:0C:C7:07

issuer name       : C=US, O=Amazon, OU=Server CA 1B, CN=Amazon

subject name      : CN=*.iot.ap-south-1.amazonaws.com

issued  on        : 2020-08-20 00:00:00

expires on        : 2021-08-19 12:00:00

signed using      : RSA with SHA-256

RSA key size      : 2048 bits

basic constraints : CA=false

subject alt name  : iot.ap-south-1.amazonaws.com, *.iot.ap-south-1.amazonaws.com

key usage         : Digital Signature, Key Encipherment

ext key usage     : TLS Web Server Authentication, TLS Web Client Authentication

ssl_tls.c:5771: |1| x509_verify_cert() returned -9984 (-0x2700)

ssl_tls.c:5264: |2| => send alert message

ssl_tls.c:5265: |3| send alert level=2 message=46

ssl_tls.c:3351: |2| => write record

ssl_tls.c:3428: |3| output record: msgtype = 21, version = [3:3], msglen = 2

ssl_tls.c:3433: |4| dumping 'output record sent to network' (7 bytes)

ssl_tls.c:3433: |4| 0000:  15 03 03 00 02 02 2e                             .......

ssl_tls.c:2753: |2| => flush output

ssl_tls.c:2771: |2| message length: 7, out_left: 7

ssl_tls.c:2777: |2| ssl->f_send() returned 7 (-0xfffffff9)

ssl_tls.c:2805: |2| <= flush output

ssl_tls.c:3484: |2| <= write record

ssl_tls.c:5277: |2| <= send alert message

ssl_tls.c:5865: |3| ! Certificate verification flags 200

ssl_tls.c:5877: |2| <= parse certificate

ssl_tls.c:8108: |2| <= handshake

ERROR: iot_tls_connect L#253  failed

! mbedtls_ssl_handshake returned -0x2700

ERROR: iot_tls_connect L#255     Unable to verify the server's certificate. Either it is invalid,

or you didn't set ca_file or ca_path to an appropriate value.

Alternatively, you may want to use auth_mode=optional for testing purposes.

ssl_tls.c:8739: |2| => write close notify

ssl_tls.c:8755: |2| <= write close notify

ssl_tls.c:8948: |2| => free

ssl_tls.c:9013: |2| <= free

ERROR: main L#190 Error(-4) connecting to a2g7twmqo7hg82-ats.iot.ap-south-1.amazonaws.com:443

Please help me in resolving the issue,

Thanks in advance, Srinivas.

yourslab commented 3 years ago

From the logs, it looks like the function mbedtls_x509_crt_verify_with_profile(...) is returning MBEDTLS_ERR_X509_CERT_VERIFY_FAILED or -0x2700. In this function, there is a variable flags, and it is useful to know its value because the error is returned when *flags is non-zero:

if( *flags != 0 )
        return( MBEDTLS_ERR_X509_CERT_VERIFY_FAILED );

I see that *flags is actually logged from what you shared:

ssl_tls.c:5865: |3| ! Certificate verification flags 200

Diving deeper into mbedTLS, only one of the errors corresponds to 200:

#define MBEDTLS_X509_BADCERT_FUTURE            0x0200  /**< The certificate validity starts in the future. */

This makes it likely that your tiny-linux system clock is not set correctly or configured to work with mbedTLS. It looks like you will need a platform-specific implementation of mbedtls_platform_gmtime_r for X509 certificate validation that you can configure in the mbedTLS config header: https://github.com/ARMmbed/mbedtls/blob/3fac0bae4a50113989b3d015cd2d948f51a6d9ac/include/mbedtls/platform_util.h#L202-L204 https://github.com/ARMmbed/mbedtls/blob/3fac0bae4a50113989b3d015cd2d948f51a6d9ac/include/mbedtls/config.h#L3395-L3412

I've also seen the exact same problem in other forums, so these links may be able to help you: https://forums.mbed.com/t/mbedtls-x509-crt-verify-2700-on-embedded-platform/5430 https://forums.mbed.com/t/mbedtls-ssl-handshake-returned-0x2700/4968

Please let me know if you are able to progress further with the problem. Looking forward to hear from you again. Thank you.

shrinivasragolu commented 3 years ago

Hi Oscar Michael Abrina,

Wonderful. Exactly you have pinpointed the issue. Thank you so much !! :-)

Actually, the issue is time got set to Jan 1st, 1970. When I set date and time correctly using "date" command, It perfectly works for me.

Thanks a lot for your support.

Srinivas.