使用 W800 连接 https 的服务器时, 如果遇到连接失败的问题, 可以按如下方式排查.
在 demo/wm_demo. h 里打开 DEMO_CONSOLE, DEMO_CONNECT_NET 和 DEMO_HTTP 宏定义, http demo 也支持 https 的 url. 编译后下载运行固件.
发送 t-connect ("ssid", "password") 命令连接网络.
发送 t-httpget ("https: //www. baidu. com/") 连接 https 服务器, 为了便于说明问题, 此处假设连接失败.
当返回连接失败时, 尝试如下调试方法.
1. 打开 mbedtls 的调试信息, 在 src/app/mbedtls/include/mbedtls/config. h 文件中的第 1883 行, 打开 MBEDTLS_DEBUG_C 的宏定义, 编译后下载执行, 此时可以看到整个连接过程的 mbedtls 相关的 log 信息, 看是否是在 ssl 握手阶段失败.
如果是在 ssl 握手阶段失败, 通常是由于 client 端提供的加密套件与 server 端不匹配造成的, 通过如下 log 可以看出 W800 默认只提供了 7 种加密套件, 如果遇到服务器都不支持这 7 种就会返回握手失败.
[CMD]t-httpget
Location: https: //www. baidu. com/
HTTP Client v1. 0
. Seeding the random number generator. . . ok
. Connecting to tcp. . . ok
. Setting up the SSL/TLS structure. . . ok
. Performing the SSL/TLS handshake. . . . . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 6850: = handshake
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400: client state: 0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400: client state: 1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0777: = write client hello
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0815: client hello, max version: [3: 3]
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0706: client hello, current time: 3436
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824: dumping 'client hello, random bytes' (32 bytes)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824: 0000: 00 00 0d 6c 29 d8 4c 7b 7b 46 1d 34 1b 88 2b 87 . . . l) . L{{F. 4. . +.
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824: 0010: 97 dc c5 9b a2 4a 45 f1 97 91 12 fb 5b 82 3c f7 . . . . . JE. . . . . [. .
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0877: client hello, session id len. : 0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0878: dumping 'client hello, session id' (0 bytes)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 009d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 003d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0035
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 009c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 003c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 002f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 000a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0937: client hello, got 7 ciphersuites (excluding SCSVs)
2. 还是在 config. h 文件里, 打开更多种类的加密套件. 如下打开后编译再次运行, 可以看到加密套件变成了 151 个.
line 495 MBEDTLS_CIPHER_NULL_CIPHER
line 529 MBEDTLS_ENABLE_WEAK_CIPHERSUITES
line 630 MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
line 661 MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
line 681 MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
line 706 MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
line 767 MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
line 792 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
line 816 MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
line 840 MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
line 864 MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
line 883 MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
line 1818 MBEDTLS_CCM_C
line 1933 MBEDTLS_DHM_C
line 1964 MBEDTLS_ECDSA_C
line 1983 MBEDTLS_ECJPAKE_C
line 1804 MBEDTLS_CAMELLIA_C
[CMD]t-httpget
Location: https: //www. baidu. com/
HTTP Client v1. 0
. Seeding the random number generator. . . ok
. Connecting to tcp. . . ok
. Setting up the SSL/TLS structure. . . ok
. Performing the SSL/TLS handshake. . . . . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 6850: = handshake
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400: client state: 0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 3400: client state: 1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2574: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2586: = flush output
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0777: = write client hello
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0815: client hello, max version: [3: 3]
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0706: client hello, current time: 4995
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824: dumping 'client hello, random bytes' (32 bytes)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824: 0000: 00 00 13 83 8f 7b 1d ed 70 1c e4 7c 68 c6 fc 73 . . . . . {. . p. . |h. . s
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0824: 0010: 7f 0d 10 7e 85 3f f0 c7 c7 fe 94 d5 40 fd 89 47 . . . ~. ? . . . . . . @. . G
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0877: client hello, session id len. : 0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0878: dumping 'client hello, session id' (0 bytes)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c02c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c030
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 009f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0ad
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c09f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c024
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c028
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 006b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c00a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c014
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0039
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0af
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a3
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c087
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c08b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c07d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c073
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c077
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00c4
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0088
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c02b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c02f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 009e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0ac
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c09e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c023
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c027
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0067
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c009
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c013
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0033
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0ae
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a2
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c086
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c08a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c07c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c072
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c076
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00be
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0045
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00ab
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a7
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c038
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b3
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c036
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0091
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c091
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c09b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c097
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0ab
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00aa
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a6
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c037
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b2
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c035
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0090
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c090
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c096
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c09a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0aa
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 009d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c09d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 003d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0035
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c032
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c02a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c00f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c02e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c026
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c005
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c07b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00c0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0084
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c08d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c079
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c089
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c075
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 009c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c09c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 003c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 002f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c031
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c029
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c00e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c02d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c025
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c004
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c07a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00ba
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0041
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c08c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c078
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c088
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c074
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00ad
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b7
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0095
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c093
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c099
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00ac
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b6
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0094
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c092
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c098
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00a9
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00af
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 008d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c08f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c095
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a9
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00a8
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a4
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00ae
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 008c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c08e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c094
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c0a8
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c008
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c012
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0016
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c034
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 008f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 000a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c00d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c003
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0093
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 008b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0015
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0009
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c006
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c010
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c03b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c03a
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c039
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b4
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 002d
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 003b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0002
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 0001
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c00b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: c001
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b9
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b8
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 002e
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b1
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 00b0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0925: client hello, add ciphersuite: 002c
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 0937: client hello, got 151 ciphersuites (excluding SCSVs)
3. 如果握手成功后可以看到 server 端最后选择了 TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256.
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1493: = parse server hello
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3904: = read record
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2358: = fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2516: in_left: 0, nb_want: 5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2540: in_left: 0, nb_want: 5
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2541: ssl- f_recv (_timeout) () returned 5 (-0xfffffffb)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2561: = fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3663: input record: msgtype = 22, version = [3: 3], msglen = 87
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2358: = fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2516: in_left: 5, nb_want: 92
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2540: in_left: 5, nb_want: 92
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2541: ssl- f_recv (_timeout) () returned 87 (-0xffffffa9)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 2561: = fetch input
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3265: handshake message: msglen = 87, type = 2, hslen = 87
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_tls. c: 3937: = read record
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1573: dumping 'server hello, version' (2 bytes)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1573: 0000: 03 03 . .
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1598: server hello, current time: 1727255022
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1604: dumping 'server hello, random bytes' (32 bytes)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1604: 0000: 66 f3 d1 ee b1 01 cb 7e a1 69 ad 22 b2 de f7 62 f. . . . . . ~. i. ". . . b
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1604: 0010: 28 c8 dc 38 13 f4 7b 1a 0c 1b f5 92 4a 7a ba 07 (. . 8. . {. . . . . Jz. .
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1684: server hello, session id len. : 32
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1685: dumping 'server hello, session id' (32 bytes)
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1685: 0000: 6c bb 70 2a 16 b8 dd a1 06 e0 e2 a3 40 a1 3e b8 l. p*. . . . . . . . @. .
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1685: 0010: f7 c3 d5 c1 65 64 7c 0a 82 09 6f 47 e9 2b 3e e0 . . . . ed|. . . oG. + .
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1723: no session has been resumed
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1725: server hello, chosen ciphersuite: c02f
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1726: server hello, compress alg. : 0
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1758: server hello, chosen ciphersuite: TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1775: server hello, total extension length: 11
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1795: found renegotiation extension
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1874: found supported_point_formats extension
. . /. . /. . /. . /. . /. . /. . /src/app/mbedtls/library/ssl_cli. c: 1964: = parse server hello
4. 在 src/app/mbedtls/library/ssl_ciphersuites. c 里面的 ciphersuite_definitions 里找到该套件的相关宏定义, 然后在 config. h 里把上一步打开的多余的宏定义再关闭即可. 因为打开的加密套件越多, 编译的固件越大. 这里需要保留的宏定义为 MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED.
#if defined (MBEDTLS_GCM_C)
{ MBEDTLS_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256",
MBEDTLS_CIPHER_AES_128_GCM, MBEDTLS_MD_SHA256, MBEDTLS_KEY_EXCHANGE_ECDHE_RSA,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
MBEDTLS_SSL_MAJOR_VERSION_3, MBEDTLS_SSL_MINOR_VERSION_3,
0 },
#endif /* MBEDTLS_GCM_C */
5. 如果上述尝试后还是连接失败可以在问答社区发帖求助, 具体问题具体分析.
define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
打开这个宏定义涂鸦 MQTT 平台终于连上了
ssl_tls. c: 3922: mbedtls_ssl_read_record_layer () returned -30592 (-0x7780)