Embedded device unable to access websites using Cloudflare CDN over HTTPS

abcc · December 27, 2022, 8:41am

I am experiencing issues with my embedded device being unable to access websites that use Cloudflare CDN over HTTPS. While I am able to access these websites using HTTP, I am unable to do so over HTTPS. When attempting to access these websites, the device returns an error message.

I have tested this issue on multiple websites that use Cloudflare CDN and have found that the issue persists across all of them. However, when accessing websites that do not use Cloudflare CDN or the Cloudflare website itself, the device is able to connect and receive a response without any issues.

I have tried troubleshooting the issue by checking for any potential configuration issues on the device, but have not been able to find a solution. I am seeking assistance in resolving this issue so that my device can access websites using Cloudflare CDN over HTTPS.

he log for the issue is included below:

[2022-12-27 15:08:10.509][000000000.142] luat_main_print_model 150:model Air780E
[2022-12-27 15:08:10.512][000000000.153] I/luat.pm pm mode 1
[2022-12-27 15:08:10.515][000000000.154] I/luat.pm poweron: Power/Reset
[2022-12-27 15:08:10.516][000000000.154] I/main LuatOS@EC618 base 22.12 bsp V1002 32bit
[2022-12-27 15:08:10.518][000000000.154] I/main ROM Build: Dec 26 2022 23:33:35
[2022-12-27 15:08:10.519][000000000.216] D/main loadlibs luavm 204792 13384 13384
[2022-12-27 15:08:10.520][000000000.216] D/main loadlibs sys   300104 48624 54860
[2022-12-27 15:08:11.001][000000000.951] D/mobile CSCON 1
[2022-12-27 15:08:12.398][000000002.305] D/mobile NETIF_LINK_ON -> IP_READY
[2022-12-27 15:08:12.403][000000002.326] I/user.cipher	suites	
[2022-12-27 15:08:12.407][000000002.326] ["TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384","TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384","TLS-ECDHE-ECDSA-WITH-AES-256-CCM","TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384","TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384","TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA","TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA","TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8","TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256","TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256","TLS-ECDHE-ECDSA-WITH-AES-128-CCM","TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256","TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256","TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA","TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA","TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8","TLS-RSA-WITH-AES-256-GCM-SHA384","TLS-RSA-WITH-AES-256-CCM","TLS-RSA-WITH-AES-256-CBC-SHA256","TLS-RSA-WITH-AES-256-CBC-SHA","TLS-RSA-WITH-AES-256-CCM-8","TLS-RSA-WITH-AES-128-GCM-SHA256","TLS-RSA-WITH-AES-128-CCM","TLS-RSA-WITH-AES-128-CBC-SHA256","TLS-RSA-WITH-AES-128-CBC-SHA","TLS-RSA-WITH-AES-128-CCM-8","TLS-RSA-PSK-WITH-AES-256-GCM-SHA384","TLS-RSA-PSK-WITH-AES-256-CBC-SHA384","TLS-RSA-PSK-WITH-AES-256-CBC-SHA","TLS-RSA-PSK-WITH-AES-128-GCM-SHA256","TLS-RSA-PSK-WITH-AES-128-CBC-SHA256","TLS-RSA-PSK-WITH-AES-128-CBC-SHA","TLS-PSK-WITH-AES-256-GCM-SHA384","TLS-PSK-WITH-AES-256-CCM","TLS-PSK-WITH-AES-256-CBC-SHA384","TLS-PSK-WITH-AES-256-CBC-SHA","TLS-PSK-WITH-AES-256-CCM-8","TLS-PSK-WITH-AES-128-GCM-SHA256","TLS-PSK-WITH-AES-128-CCM","TLS-PSK-WITH-AES-128-CBC-SHA256","TLS-PSK-WITH-AES-128-CBC-SHA","TLS-PSK-WITH-AES-128-CCM-8"]
[2022-12-27 15:08:12.842][000000002.327] I/http HTTP GET
[2022-12-27 15:08:12.847][000000002.328] D/DNS yanqiyu.info state 0 use dns server2, try 0
[2022-12-27 15:08:12.850][000000002.791] D/DNS dns stop
[2022-12-27 15:08:13.169][000000003.067] mbedtls_ssl_handshake_client_step 4486:client state: 0
[2022-12-27 15:08:13.174][000000003.067] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.177][000000003.067] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.181][000000003.067] mbedtls_ssl_handshake_client_step 4486:client state: 1
[2022-12-27 15:08:13.184][000000003.068] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.188][000000003.068] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.193][000000003.068] ssl_write_client_hello 999:=> write client hello
[2022-12-27 15:08:13.197][000000003.068] ssl_write_client_hello 1054:client hello, max version: [3:3]
[2022-12-27 15:08:13.200][000000003.068] ssl_generate_random 912:client hello, current time: 946684803
[2022-12-27 15:08:13.204][000000003.100] ssl_write_client_hello 1064:dumping 'client hello, random bytes' (32 bytes)

[2022-12-27 15:08:13.208][000000003.100] ssl_write_client_hello 1064:0000:  38 6d 43 83 91 aa 7e a5 3b d8 5f 65 11 33 0c 34  8mC...~.;._e.3.4

[2022-12-27 15:08:13.212][000000003.100] ssl_write_client_hello 1064:0010:  01 4a 0f d6 0e ec b2 fe a3 9d f4 45 78 7c 65 0b  .J.........Ex|e.

[2022-12-27 15:08:13.217][000000003.101] ssl_write_client_hello 1124:client hello, session id len.: 0
[2022-12-27 15:08:13.222][000000003.101] ssl_write_client_hello 1125:dumping 'client hello, session id' (0 bytes)

[2022-12-27 15:08:13.230][000000003.101] ssl_write_client_hello 1191:client hello, add ciphersuite: c02c (TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384)
[2022-12-27 15:08:13.233][000000003.101] ssl_write_client_hello 1191:client hello, add ciphersuite: c030 (TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384)
[2022-12-27 15:08:13.237][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c0ad (TLS-ECDHE-ECDSA-WITH-AES-256-CCM)
[2022-12-27 15:08:13.242][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c024 (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384)
[2022-12-27 15:08:13.246][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c028 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384)
[2022-12-27 15:08:13.250][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c00a (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA)
[2022-12-27 15:08:13.255][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c014 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA)
[2022-12-27 15:08:13.259][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c0af (TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8)
[2022-12-27 15:08:13.263][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c02b (TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256)
[2022-12-27 15:08:13.267][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c02f (TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256)
[2022-12-27 15:08:13.271][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c0ac (TLS-ECDHE-ECDSA-WITH-AES-128-CCM)
[2022-12-27 15:08:13.274][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c023 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256)
[2022-12-27 15:08:13.278][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c027 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256)
[2022-12-27 15:08:13.282][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c009 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA)
[2022-12-27 15:08:13.286][000000003.105] ssl_write_client_hello 1191:client hello, add ciphersuite: c013 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA)
[2022-12-27 15:08:13.290][000000003.105] ssl_write_client_hello 1191:client hello, add ciphersuite: c0ae (TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8)
[2022-12-27 15:08:13.293][000000003.105] ssl_write_client_hello 1191:client hello, add ciphersuite: 009d (TLS-RSA-WITH-AES-256-GCM-SHA384)
[2022-12-27 15:08:13.297][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: c09d (TLS-RSA-WITH-AES-256-CCM)
[2022-12-27 15:08:13.301][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: 003d (TLS-RSA-WITH-AES-256-CBC-SHA256)
[2022-12-27 15:08:13.305][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: 0035 (TLS-RSA-WITH-AES-256-CBC-SHA)
[2022-12-27 15:08:13.311][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: c0a1 (TLS-RSA-WITH-AES-256-CCM-8)
[2022-12-27 15:08:13.315][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: 009c (TLS-RSA-WITH-AES-128-GCM-SHA256)
[2022-12-27 15:08:13.318][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: c09c (TLS-RSA-WITH-AES-128-CCM)
[2022-12-27 15:08:13.322][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: 003c (TLS-RSA-WITH-AES-128-CBC-SHA256)
[2022-12-27 15:08:13.327][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: 002f (TLS-RSA-WITH-AES-128-CBC-SHA)
[2022-12-27 15:08:13.331][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: c0a0 (TLS-RSA-WITH-AES-128-CCM-8)
[2022-12-27 15:08:13.336][000000003.108] ssl_write_client_hello 1209:client hello, got 26 ciphersuites (excluding SCSVs)
[2022-12-27 15:08:13.340][000000003.108] ssl_write_client_hello 1219:adding EMPTY_RENEGOTIATION_INFO_SCSV
[2022-12-27 15:08:13.343][000000003.108] ssl_write_client_hello 1273:client hello, compress len.: 1
[2022-12-27 15:08:13.348][000000003.109] ssl_write_client_hello 1274:client hello, compress alg.: 0
[2022-12-27 15:08:13.352][000000003.109] ssl_write_signature_algorithms_ext 230:client hello, adding signature_algorithms extension
[2022-12-27 15:08:13.355][000000003.109] ssl_write_supported_elliptic_curves_ext 324:client hello, adding supported_elliptic_curves extension
[2022-12-27 15:08:13.361][000000003.109] ssl_write_supported_point_formats_ext 393:client hello, adding supported_point_formats extension
[2022-12-27 15:08:13.366][000000003.110] ssl_write_encrypt_then_mac_ext 613:client hello, adding encrypt_then_mac extension
[2022-12-27 15:08:13.370][000000003.110] ssl_write_extended_ms_ext 645:client hello, adding extended_master_secret extension
[2022-12-27 15:08:13.373][000000003.110] ssl_write_client_hello 1433:client hello, total extension length: 72
[2022-12-27 15:08:13.378][000000003.110] mbedtls_ssl_write_handshake_msg 2542:=> write handshake message
[2022-12-27 15:08:13.381][000000003.112] mbedtls_ssl_write_record 2701:=> write record
[2022-12-27 15:08:13.387][000000003.112] mbedtls_ssl_write_record 2814:output record: msgtype = 22, version = [3:1], msglen = 171
[2022-12-27 15:08:13.395][000000003.112] mbedtls_ssl_write_record 2819:dumping 'output record sent to network' (176 bytes)

[2022-12-27 15:08:13.399][000000003.112] mbedtls_ssl_write_record 2819:0000:  16 03 01 00 ab 01 00 00 a7 03 03 38 6d 43 83 91  ...........8mC..

[2022-12-27 15:08:13.403][000000003.113] mbedtls_ssl_write_record 2819:0010:  aa 7e a5 3b d8 5f 65 11 33 0c 34 01 4a 0f d6 0e  .~.;._e.3.4.J...

[2022-12-27 15:08:13.407][000000003.113] mbedtls_ssl_write_record 2819:0020:  ec b2 fe a3 9d f4 45 78 7c 65 0b 00 00 36 c0 2c  ......Ex|e...6.,

[2022-12-27 15:08:13.411][000000003.113] mbedtls_ssl_write_record 2819:0030:  c0 30 c0 ad c0 24 c0 28 c0 0a c0 14 c0 af c0 2b  .0...$.(.......+

[2022-12-27 15:08:13.414][000000003.114] mbedtls_ssl_write_record 2819:0040:  c0 2f c0 ac c0 23 c0 27 c0 09 c0 13 c0 ae 00 9d  ./...#.'........

[2022-12-27 15:08:13.418][000000003.114] mbedtls_ssl_write_record 2819:0050:  c0 9d 00 3d 00 35 c0 a1 00 9c c0 9c 00 3c 00 2f  ...=.5.......<./

[2022-12-27 15:08:13.421][000000003.114] mbedtls_ssl_write_record 2819:0060:  c0 a0 00 ff 01 00 00 48 00 0d 00 16 00 14 06 03  .......H........

[2022-12-27 15:08:13.427][000000003.115] mbedtls_ssl_write_record 2819:0070:  06 01 05 03 05 01 04 03 04 01 03 03 03 01 02 03  ................

[2022-12-27 15:08:13.430][000000003.115] mbedtls_ssl_write_record 2819:0080:  02 01 00 0a 00 1c 00 1a 00 19 00 1c 00 18 00 1b  ................

[2022-12-27 15:08:13.434][000000003.115] mbedtls_ssl_write_record 2819:0090:  00 17 00 16 00 1a 00 15 00 14 00 13 00 12 00 1d  ................

[2022-12-27 15:08:13.438][000000003.116] mbedtls_ssl_write_record 2819:00a0:  00 1e 00 0b 00 02 01 00 00 16 00 00 00 17 00 00  ................

[2022-12-27 15:08:13.442][000000003.116] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.446][000000003.116] mbedtls_ssl_flush_output 2120:message length: 176, out_left: 176
[2022-12-27 15:08:13.450][000000003.116] mbedtls_ssl_flush_output 2127:ssl->f_send() returned 176 (-0xffffff50)
[2022-12-27 15:08:13.453][000000003.117] mbedtls_ssl_flush_output 2155:<= flush output
[2022-12-27 15:08:13.460][000000003.117] mbedtls_ssl_write_record 2870:<= write record
[2022-12-27 15:08:13.462][000000003.117] mbedtls_ssl_write_handshake_msg 2678:<= write handshake message
[2022-12-27 15:08:13.466][000000003.117] ssl_write_client_hello 1470:<= write client hello
[2022-12-27 15:08:13.470][000000003.117] mbedtls_ssl_handshake_client_step 4486:client state: 2
[2022-12-27 15:08:13.474][000000003.117] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.477][000000003.118] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.481][000000003.118] ssl_parse_server_hello 2085:=> parse server hello
[2022-12-27 15:08:13.485][000000003.118] mbedtls_ssl_read_record 3941:=> read record
[2022-12-27 15:08:13.489][000000003.118] mbedtls_ssl_fetch_input 1886:=> fetch input
[2022-12-27 15:08:13.492][000000003.118] mbedtls_ssl_fetch_input 2041:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.496][000000003.118] mbedtls_ssl_fetch_input 2066:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.622][000000003.560] mbedtls_ssl_handshake_client_step 4486:client state: 2
[2022-12-27 15:08:13.627][000000003.560] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.631][000000003.560] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.634][000000003.560] ssl_parse_server_hello 2085:=> parse server hello
[2022-12-27 15:08:13.638][000000003.560] mbedtls_ssl_read_record 3941:=> read record
[2022-12-27 15:08:13.644][000000003.560] mbedtls_ssl_fetch_input 1886:=> fetch input
[2022-12-27 15:08:13.648][000000003.561] mbedtls_ssl_fetch_input 2041:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.651][000000003.561] mbedtls_ssl_fetch_input 2066:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.655][000000003.561] mbedtls_ssl_fetch_input 2069:ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
[2022-12-27 15:08:13.659][000000003.561] mbedtls_ssl_fetch_input 2089:<= fetch input
[2022-12-27 15:08:13.662][000000003.562] ssl_parse_record_header 3670:dumping 'input record header' (5 bytes)

[2022-12-27 15:08:13.666][000000003.562] ssl_parse_record_header 3670:0000:  15 03 01 00 02                                   .....

[2022-12-27 15:08:13.669][000000003.562] ssl_parse_record_header 3672:input record: msgtype = 21, version = [3:1], msglen = 2
[2022-12-27 15:08:13.673][000000003.562] mbedtls_ssl_fetch_input 1886:=> fetch input
[2022-12-27 15:08:13.677][000000003.562] mbedtls_ssl_fetch_input 2041:in_left: 5, nb_want: 7
[2022-12-27 15:08:13.680][000000003.563] mbedtls_ssl_fetch_input 2066:in_left: 5, nb_want: 7
[2022-12-27 15:08:13.684][000000003.563] mbedtls_ssl_fetch_input 2069:ssl->f_recv(_timeout)() returned 2 (-0xfffffffe)
[2022-12-27 15:08:13.687][000000003.563] mbedtls_ssl_fetch_input 2089:<= fetch input
[2022-12-27 15:08:13.692][000000003.563] ssl_prepare_record_content 3783:dumping 'input record from network' (7 bytes)

[2022-12-27 15:08:13.696][000000003.563] ssl_prepare_record_content 3783:0000:  15 03 01 00 02 02 28                             ......(

[2022-12-27 15:08:13.699][000000003.564] mbedtls_ssl_handle_message_type 4897:got an alert message, type: [2:40]
[2022-12-27 15:08:13.703][000000003.564] mbedtls_ssl_handle_message_type 4905:is a fatal alert message (msg 40)
[2022-12-27 15:08:13.708][000000003.564] mbedtls_ssl_read_record 3999:mbedtls_ssl_handle_message_type() returned -30592 (-0x7780)
[2022-12-27 15:08:13.711][000000003.564] ssl_parse_server_hello 2090:mbedtls_ssl_read_record() returned -30592 (-0x7780)
[2022-12-27 15:08:13.715][000000003.564] network_state_shakehand 660:0x7780, 2
[2022-12-27 15:08:13.718][000000003.565] E/http luat_lib_http_callback http_ctrl close 33554449 -1
[2022-12-27 15:08:13.722][000000003.565] mbedtls_ssl_free 6839:=> free
[2022-12-27 15:08:13.725][000000003.566] mbedtls_ssl_free 6918:<= free
[2022-12-27 15:08:13.729][000000003.570] I/user.http	-5	{}	nil

Cyb3r-Jak3 · December 27, 2022, 1:16pm

These posts seem similar to your error code

github.com/Mbed-TLS/mbedtls

mbedtls_ssl_read_record() returned -30592 (-0x7780) after clienthello

opened 06:52AM - 02 Aug 19 UTC

closed 12:48PM - 13 May 22 UTC

cs3sw

component-tls

Hi, I have problem about ssl handshank after clienthello, I use MTK mt7697 pl…atform to do https get with server, and appear below error log, I thought it is the cipher suites server not supported, so I use curl do http get request from PC, and PC return serverhello correctly. I saw cipher suites server choose ECDHE-RSA-AES128-GCM-SHA256, In my mt7697 clienthello package, I also use this cipher (c02f), but it still handshake failed, could you help us to figure out this issue. Thank you. Jack ######curl request result###### * Hostname was NOT found in DNS cache * Trying 52.84.248.66... * Connected to 76wn9q1r57.execute-api.us-east-1.amazonaws.com (52.84.248.66) port 443 (#0) * successfully set certificate verify locations: * CAfile: none CApath: /etc/ssl/certs * SSLv3, TLS handshake, Client hello (1): * SSLv3, TLS handshake, Server hello (2): * SSLv3, TLS handshake, CERT (11): * SSLv3, TLS handshake, Server key exchange (12): * SSLv3, TLS handshake, Server finished (14): * SSLv3, TLS handshake, Client key exchange (16): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSLv3, TLS change cipher, Client hello (1): * SSLv3, TLS handshake, Finished (20): * SSL connection using ECDHE-RSA-AES128-GCM-SHA256 ###mt7697 http request result###### [T: 3521 M: httpclient C: info F: httpclient_connect L: 835]: [HTTPClient]: http?:0, port:443, host:76wn9q1r57.execute-api.us-east-1.amazonaws.com [T: 3521 M: httpclient C: info F: httpclient_ssl_conn L: 1069]: [HTTPClient]: httpclient_ssl_conn!!!!!!! . [T: 3583 M: httpclient C: info F: httpclient_ssl_conn L: 1182]: [HTTPClient]: START mbedtls_ssl_handshake()!!!!! [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => handshake [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client state: 0 [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => flush output [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= flush output [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client state: 1 [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => flush output [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= flush output [T: 3583 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => write client hello [T: 3589 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, max version: [3:3] [T: 3600 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: dumping 'client hello, random bytes' (32 bytes) [T: 3609 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0000: 0c 4d 19 b4 57 2b ab 26 3f 56 13 db 00 74 8b 31 .M..W+.&?V...t.1 [T: 3618 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0010: 4a 33 63 6d 58 74 cc 79 5f f0 e0 a5 f1 24 50 32 J3cmXt.y_....$P2 [T: 3628 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, session id len.: 0 [T: 3637 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: dumping 'client hello, session id' (0 bytes) [T: 3646 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, add ciphersuite: c02f [T: 3656 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, add ciphersuite: c02b [T: 3665 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, got 3 ciphersuites [T: 3675 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, compress len.: 1 [T: 3685 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, compress alg.: 0 [T: 3737 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, adding signature_algorithms extension [T: 3748 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, adding supported_elliptic_curves extension [T: 3759 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, adding supported_point_formats extension [T: 3770 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client hello, total extension length: 52 [T: 3781 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => write record [T: 3792 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: output record: msgtype = 22, version = [3:1], msglen = 103 [T: 3803 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: dumping 'output record sent to network' (108 bytes) [T: 3813 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0000: 16 03 01 00 67 01 00 00 63 03 03 0c 4d 19 b4 57 ....g...c...M..W [T: 3823 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0010: 2b ab 26 3f 56 13 db 00 74 8b 31 4a 33 63 6d 58 +.&?V...t.1J3cmX [T: 3833 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0020: 74 cc 79 5f f0 e0 a5 f1 24 50 32 00 00 06 c0 2f t.y_....$P2..../ [T: 3845 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0030: c0 2b 00 ff 01 00 00 34 00 0d 00 0e 00 0c 04 03 .+.....4........ [T: 3858 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0040: 04 01 03 03 03 01 02 03 02 01 00 0a 00 18 00 16 ................ [T: 3871 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0050: 00 19 00 1c 00 18 00 1b 00 17 00 16 00 1a 00 15 ................ [T: 3882 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0060: 00 14 00 13 00 12 00 0b 00 02 01 00 ............ [T: 3892 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => flush output [T: 3905 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: message length: 108, out_left: 108 [T: 3918 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: ssl->f_send() returned 108 (-0xffffff94) [T: 3932 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= flush output [T: 3946 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= write record [T: 3961 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= write client hello [T: 3975 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: client state: 2 [T: 3989 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => flush output [T: 4003 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= flush output [T: 4017 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => parse server hello [T: 4027 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => read record [T: 4037 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => fetch input [T: 4049 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: in_left: 0, nb_want: 5 [T: 4058 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: in_left: 0, nb_want: 5 [T: 4068 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: ssl->f_recv(_timeout)() returned 5 (-0xfffffffb) [T: 4078 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= fetch input [T: 4087 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: dumping 'input record header' (5 bytes) [T: 4096 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0000: 15 03 03 00 02 ..... [T: 4105 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: input record: msgtype = 21, version = [3:3], msglen = 2 [T: 4115 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => fetch input [T: 4124 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: in_left: 5, nb_want: 7 [T: 4134 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: in_left: 5, nb_want: 7 [T: 4143 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: ssl->f_recv(_timeout)() returned 2 (-0xfffffffe) [T: 4153 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= fetch input [T: 4166 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: dumping 'input record from network' (7 bytes) [T: 4175 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: 0000: 15 03 03 00 02 02 28 ......( [T: 4186 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: got an alert message, type: [2:40] [T: 4199 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: is a fatal alert message (msg 40) [T: 4212 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: mbedtls_ssl_handle_message_type() returned -30592 (-0x7780) [T: 4221 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: mbedtls_ssl_read_record() returned -30592 (-0x7780) [T: 4231 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= handshake [T: 4241 M: httpclient C: info F: httpclient_ssl_conn L: 1188]: [HTTPClient]: mbedtls_ssl_handshake() failed, ret:-0x7780. [T: 4253 M: httpclient C: info F: httpclient_ssl_conn L: 1210]: [HTTPClient]: ret=-1. [T: 4262 M: httpclient C: info F: httpclient_connect L: 850]: [HTTPClient]: httpclient_connect() result:-1, client:0x2001ad88 [T: 4274 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => write close notify [T: 4288 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= write close notify [T: 4299 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: => free [T: 4312 M: httpclient C: info F: httpclient_debug L: 1039]: [HTTPClient]: 0x20020a80: <= free

system · December 30, 2022, 1:16pm

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
My sites only not load in IOS devices ex: iphone5 General cdn , bug , dash-ssl-tls	10	4731	February 16, 2019
Websites using Cloudflare's CDN are not accessible in China Website, Application, Performance	2	2154	December 20, 2020
For CDN and WebSocket nodes, I have a question and I hope to get some help. DNS & Network	1	866	May 18, 2023
Unable to access certain websites using Cloudflare Teams Access CloudflareAccess , CloudflareZeroTrust , CloudflareGateway	1	2462	April 16, 2021
Insecure Transport on cdn-cgi directory Security	4	2798	September 19, 2019

Embedded device unable to access websites using Cloudflare CDN over HTTPS

Related topics