I am experiencing issues with my embedded device being unable to access websites that use Cloudflare CDN over HTTPS. While I am able to access these websites using HTTP, I am unable to do so over HTTPS. When attempting to access these websites, the device returns an error message.
I have tested this issue on multiple websites that use Cloudflare CDN and have found that the issue persists across all of them. However, when accessing websites that do not use Cloudflare CDN or the Cloudflare website itself, the device is able to connect and receive a response without any issues.
I have tried troubleshooting the issue by checking for any potential configuration issues on the device, but have not been able to find a solution. I am seeking assistance in resolving this issue so that my device can access websites using Cloudflare CDN over HTTPS.
he log for the issue is included below:
[2022-12-27 15:08:10.509][000000000.142] luat_main_print_model 150:model Air780E
[2022-12-27 15:08:10.512][000000000.153] I/luat.pm pm mode 1
[2022-12-27 15:08:10.515][000000000.154] I/luat.pm poweron: Power/Reset
[2022-12-27 15:08:10.516][000000000.154] I/main LuatOS@EC618 base 22.12 bsp V1002 32bit
[2022-12-27 15:08:10.518][000000000.154] I/main ROM Build: Dec 26 2022 23:33:35
[2022-12-27 15:08:10.519][000000000.216] D/main loadlibs luavm 204792 13384 13384
[2022-12-27 15:08:10.520][000000000.216] D/main loadlibs sys 300104 48624 54860
[2022-12-27 15:08:11.001][000000000.951] D/mobile CSCON 1
[2022-12-27 15:08:12.398][000000002.305] D/mobile NETIF_LINK_ON -> IP_READY
[2022-12-27 15:08:12.403][000000002.326] I/user.cipher suites
[2022-12-27 15:08:12.407][000000002.326] ["TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384","TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384","TLS-ECDHE-ECDSA-WITH-AES-256-CCM","TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384","TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384","TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA","TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA","TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8","TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256","TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256","TLS-ECDHE-ECDSA-WITH-AES-128-CCM","TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256","TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256","TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA","TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA","TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8","TLS-RSA-WITH-AES-256-GCM-SHA384","TLS-RSA-WITH-AES-256-CCM","TLS-RSA-WITH-AES-256-CBC-SHA256","TLS-RSA-WITH-AES-256-CBC-SHA","TLS-RSA-WITH-AES-256-CCM-8","TLS-RSA-WITH-AES-128-GCM-SHA256","TLS-RSA-WITH-AES-128-CCM","TLS-RSA-WITH-AES-128-CBC-SHA256","TLS-RSA-WITH-AES-128-CBC-SHA","TLS-RSA-WITH-AES-128-CCM-8","TLS-RSA-PSK-WITH-AES-256-GCM-SHA384","TLS-RSA-PSK-WITH-AES-256-CBC-SHA384","TLS-RSA-PSK-WITH-AES-256-CBC-SHA","TLS-RSA-PSK-WITH-AES-128-GCM-SHA256","TLS-RSA-PSK-WITH-AES-128-CBC-SHA256","TLS-RSA-PSK-WITH-AES-128-CBC-SHA","TLS-PSK-WITH-AES-256-GCM-SHA384","TLS-PSK-WITH-AES-256-CCM","TLS-PSK-WITH-AES-256-CBC-SHA384","TLS-PSK-WITH-AES-256-CBC-SHA","TLS-PSK-WITH-AES-256-CCM-8","TLS-PSK-WITH-AES-128-GCM-SHA256","TLS-PSK-WITH-AES-128-CCM","TLS-PSK-WITH-AES-128-CBC-SHA256","TLS-PSK-WITH-AES-128-CBC-SHA","TLS-PSK-WITH-AES-128-CCM-8"]
[2022-12-27 15:08:12.842][000000002.327] I/http HTTP GET
[2022-12-27 15:08:12.847][000000002.328] D/DNS yanqiyu.info state 0 use dns server2, try 0
[2022-12-27 15:08:12.850][000000002.791] D/DNS dns stop
[2022-12-27 15:08:13.169][000000003.067] mbedtls_ssl_handshake_client_step 4486:client state: 0
[2022-12-27 15:08:13.174][000000003.067] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.177][000000003.067] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.181][000000003.067] mbedtls_ssl_handshake_client_step 4486:client state: 1
[2022-12-27 15:08:13.184][000000003.068] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.188][000000003.068] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.193][000000003.068] ssl_write_client_hello 999:=> write client hello
[2022-12-27 15:08:13.197][000000003.068] ssl_write_client_hello 1054:client hello, max version: [3:3]
[2022-12-27 15:08:13.200][000000003.068] ssl_generate_random 912:client hello, current time: 946684803
[2022-12-27 15:08:13.204][000000003.100] ssl_write_client_hello 1064:dumping 'client hello, random bytes' (32 bytes)
[2022-12-27 15:08:13.208][000000003.100] ssl_write_client_hello 1064:0000: 38 6d 43 83 91 aa 7e a5 3b d8 5f 65 11 33 0c 34 8mC...~.;._e.3.4
[2022-12-27 15:08:13.212][000000003.100] ssl_write_client_hello 1064:0010: 01 4a 0f d6 0e ec b2 fe a3 9d f4 45 78 7c 65 0b .J.........Ex|e.
[2022-12-27 15:08:13.217][000000003.101] ssl_write_client_hello 1124:client hello, session id len.: 0
[2022-12-27 15:08:13.222][000000003.101] ssl_write_client_hello 1125:dumping 'client hello, session id' (0 bytes)
[2022-12-27 15:08:13.230][000000003.101] ssl_write_client_hello 1191:client hello, add ciphersuite: c02c (TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384)
[2022-12-27 15:08:13.233][000000003.101] ssl_write_client_hello 1191:client hello, add ciphersuite: c030 (TLS-ECDHE-RSA-WITH-AES-256-GCM-SHA384)
[2022-12-27 15:08:13.237][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c0ad (TLS-ECDHE-ECDSA-WITH-AES-256-CCM)
[2022-12-27 15:08:13.242][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c024 (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA384)
[2022-12-27 15:08:13.246][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c028 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA384)
[2022-12-27 15:08:13.250][000000003.102] ssl_write_client_hello 1191:client hello, add ciphersuite: c00a (TLS-ECDHE-ECDSA-WITH-AES-256-CBC-SHA)
[2022-12-27 15:08:13.255][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c014 (TLS-ECDHE-RSA-WITH-AES-256-CBC-SHA)
[2022-12-27 15:08:13.259][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c0af (TLS-ECDHE-ECDSA-WITH-AES-256-CCM-8)
[2022-12-27 15:08:13.263][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c02b (TLS-ECDHE-ECDSA-WITH-AES-128-GCM-SHA256)
[2022-12-27 15:08:13.267][000000003.103] ssl_write_client_hello 1191:client hello, add ciphersuite: c02f (TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256)
[2022-12-27 15:08:13.271][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c0ac (TLS-ECDHE-ECDSA-WITH-AES-128-CCM)
[2022-12-27 15:08:13.274][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c023 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256)
[2022-12-27 15:08:13.278][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c027 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA256)
[2022-12-27 15:08:13.282][000000003.104] ssl_write_client_hello 1191:client hello, add ciphersuite: c009 (TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA)
[2022-12-27 15:08:13.286][000000003.105] ssl_write_client_hello 1191:client hello, add ciphersuite: c013 (TLS-ECDHE-RSA-WITH-AES-128-CBC-SHA)
[2022-12-27 15:08:13.290][000000003.105] ssl_write_client_hello 1191:client hello, add ciphersuite: c0ae (TLS-ECDHE-ECDSA-WITH-AES-128-CCM-8)
[2022-12-27 15:08:13.293][000000003.105] ssl_write_client_hello 1191:client hello, add ciphersuite: 009d (TLS-RSA-WITH-AES-256-GCM-SHA384)
[2022-12-27 15:08:13.297][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: c09d (TLS-RSA-WITH-AES-256-CCM)
[2022-12-27 15:08:13.301][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: 003d (TLS-RSA-WITH-AES-256-CBC-SHA256)
[2022-12-27 15:08:13.305][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: 0035 (TLS-RSA-WITH-AES-256-CBC-SHA)
[2022-12-27 15:08:13.311][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: c0a1 (TLS-RSA-WITH-AES-256-CCM-8)
[2022-12-27 15:08:13.315][000000003.106] ssl_write_client_hello 1191:client hello, add ciphersuite: 009c (TLS-RSA-WITH-AES-128-GCM-SHA256)
[2022-12-27 15:08:13.318][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: c09c (TLS-RSA-WITH-AES-128-CCM)
[2022-12-27 15:08:13.322][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: 003c (TLS-RSA-WITH-AES-128-CBC-SHA256)
[2022-12-27 15:08:13.327][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: 002f (TLS-RSA-WITH-AES-128-CBC-SHA)
[2022-12-27 15:08:13.331][000000003.107] ssl_write_client_hello 1191:client hello, add ciphersuite: c0a0 (TLS-RSA-WITH-AES-128-CCM-8)
[2022-12-27 15:08:13.336][000000003.108] ssl_write_client_hello 1209:client hello, got 26 ciphersuites (excluding SCSVs)
[2022-12-27 15:08:13.340][000000003.108] ssl_write_client_hello 1219:adding EMPTY_RENEGOTIATION_INFO_SCSV
[2022-12-27 15:08:13.343][000000003.108] ssl_write_client_hello 1273:client hello, compress len.: 1
[2022-12-27 15:08:13.348][000000003.109] ssl_write_client_hello 1274:client hello, compress alg.: 0
[2022-12-27 15:08:13.352][000000003.109] ssl_write_signature_algorithms_ext 230:client hello, adding signature_algorithms extension
[2022-12-27 15:08:13.355][000000003.109] ssl_write_supported_elliptic_curves_ext 324:client hello, adding supported_elliptic_curves extension
[2022-12-27 15:08:13.361][000000003.109] ssl_write_supported_point_formats_ext 393:client hello, adding supported_point_formats extension
[2022-12-27 15:08:13.366][000000003.110] ssl_write_encrypt_then_mac_ext 613:client hello, adding encrypt_then_mac extension
[2022-12-27 15:08:13.370][000000003.110] ssl_write_extended_ms_ext 645:client hello, adding extended_master_secret extension
[2022-12-27 15:08:13.373][000000003.110] ssl_write_client_hello 1433:client hello, total extension length: 72
[2022-12-27 15:08:13.378][000000003.110] mbedtls_ssl_write_handshake_msg 2542:=> write handshake message
[2022-12-27 15:08:13.381][000000003.112] mbedtls_ssl_write_record 2701:=> write record
[2022-12-27 15:08:13.387][000000003.112] mbedtls_ssl_write_record 2814:output record: msgtype = 22, version = [3:1], msglen = 171
[2022-12-27 15:08:13.395][000000003.112] mbedtls_ssl_write_record 2819:dumping 'output record sent to network' (176 bytes)
[2022-12-27 15:08:13.399][000000003.112] mbedtls_ssl_write_record 2819:0000: 16 03 01 00 ab 01 00 00 a7 03 03 38 6d 43 83 91 ...........8mC..
[2022-12-27 15:08:13.403][000000003.113] mbedtls_ssl_write_record 2819:0010: aa 7e a5 3b d8 5f 65 11 33 0c 34 01 4a 0f d6 0e .~.;._e.3.4.J...
[2022-12-27 15:08:13.407][000000003.113] mbedtls_ssl_write_record 2819:0020: ec b2 fe a3 9d f4 45 78 7c 65 0b 00 00 36 c0 2c ......Ex|e...6.,
[2022-12-27 15:08:13.411][000000003.113] mbedtls_ssl_write_record 2819:0030: c0 30 c0 ad c0 24 c0 28 c0 0a c0 14 c0 af c0 2b .0...$.(.......+
[2022-12-27 15:08:13.414][000000003.114] mbedtls_ssl_write_record 2819:0040: c0 2f c0 ac c0 23 c0 27 c0 09 c0 13 c0 ae 00 9d ./...#.'........
[2022-12-27 15:08:13.418][000000003.114] mbedtls_ssl_write_record 2819:0050: c0 9d 00 3d 00 35 c0 a1 00 9c c0 9c 00 3c 00 2f ...=.5.......<./
[2022-12-27 15:08:13.421][000000003.114] mbedtls_ssl_write_record 2819:0060: c0 a0 00 ff 01 00 00 48 00 0d 00 16 00 14 06 03 .......H........
[2022-12-27 15:08:13.427][000000003.115] mbedtls_ssl_write_record 2819:0070: 06 01 05 03 05 01 04 03 04 01 03 03 03 01 02 03 ................
[2022-12-27 15:08:13.430][000000003.115] mbedtls_ssl_write_record 2819:0080: 02 01 00 0a 00 1c 00 1a 00 19 00 1c 00 18 00 1b ................
[2022-12-27 15:08:13.434][000000003.115] mbedtls_ssl_write_record 2819:0090: 00 17 00 16 00 1a 00 15 00 14 00 13 00 12 00 1d ................
[2022-12-27 15:08:13.438][000000003.116] mbedtls_ssl_write_record 2819:00a0: 00 1e 00 0b 00 02 01 00 00 16 00 00 00 17 00 00 ................
[2022-12-27 15:08:13.442][000000003.116] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.446][000000003.116] mbedtls_ssl_flush_output 2120:message length: 176, out_left: 176
[2022-12-27 15:08:13.450][000000003.116] mbedtls_ssl_flush_output 2127:ssl->f_send() returned 176 (-0xffffff50)
[2022-12-27 15:08:13.453][000000003.117] mbedtls_ssl_flush_output 2155:<= flush output
[2022-12-27 15:08:13.460][000000003.117] mbedtls_ssl_write_record 2870:<= write record
[2022-12-27 15:08:13.462][000000003.117] mbedtls_ssl_write_handshake_msg 2678:<= write handshake message
[2022-12-27 15:08:13.466][000000003.117] ssl_write_client_hello 1470:<= write client hello
[2022-12-27 15:08:13.470][000000003.117] mbedtls_ssl_handshake_client_step 4486:client state: 2
[2022-12-27 15:08:13.474][000000003.117] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.477][000000003.118] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.481][000000003.118] ssl_parse_server_hello 2085:=> parse server hello
[2022-12-27 15:08:13.485][000000003.118] mbedtls_ssl_read_record 3941:=> read record
[2022-12-27 15:08:13.489][000000003.118] mbedtls_ssl_fetch_input 1886:=> fetch input
[2022-12-27 15:08:13.492][000000003.118] mbedtls_ssl_fetch_input 2041:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.496][000000003.118] mbedtls_ssl_fetch_input 2066:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.622][000000003.560] mbedtls_ssl_handshake_client_step 4486:client state: 2
[2022-12-27 15:08:13.627][000000003.560] mbedtls_ssl_flush_output 2102:=> flush output
[2022-12-27 15:08:13.631][000000003.560] mbedtls_ssl_flush_output 2114:<= flush output
[2022-12-27 15:08:13.634][000000003.560] ssl_parse_server_hello 2085:=> parse server hello
[2022-12-27 15:08:13.638][000000003.560] mbedtls_ssl_read_record 3941:=> read record
[2022-12-27 15:08:13.644][000000003.560] mbedtls_ssl_fetch_input 1886:=> fetch input
[2022-12-27 15:08:13.648][000000003.561] mbedtls_ssl_fetch_input 2041:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.651][000000003.561] mbedtls_ssl_fetch_input 2066:in_left: 0, nb_want: 5
[2022-12-27 15:08:13.655][000000003.561] mbedtls_ssl_fetch_input 2069:ssl->f_recv(_timeout)() returned 5 (-0xfffffffb)
[2022-12-27 15:08:13.659][000000003.561] mbedtls_ssl_fetch_input 2089:<= fetch input
[2022-12-27 15:08:13.662][000000003.562] ssl_parse_record_header 3670:dumping 'input record header' (5 bytes)
[2022-12-27 15:08:13.666][000000003.562] ssl_parse_record_header 3670:0000: 15 03 01 00 02 .....
[2022-12-27 15:08:13.669][000000003.562] ssl_parse_record_header 3672:input record: msgtype = 21, version = [3:1], msglen = 2
[2022-12-27 15:08:13.673][000000003.562] mbedtls_ssl_fetch_input 1886:=> fetch input
[2022-12-27 15:08:13.677][000000003.562] mbedtls_ssl_fetch_input 2041:in_left: 5, nb_want: 7
[2022-12-27 15:08:13.680][000000003.563] mbedtls_ssl_fetch_input 2066:in_left: 5, nb_want: 7
[2022-12-27 15:08:13.684][000000003.563] mbedtls_ssl_fetch_input 2069:ssl->f_recv(_timeout)() returned 2 (-0xfffffffe)
[2022-12-27 15:08:13.687][000000003.563] mbedtls_ssl_fetch_input 2089:<= fetch input
[2022-12-27 15:08:13.692][000000003.563] ssl_prepare_record_content 3783:dumping 'input record from network' (7 bytes)
[2022-12-27 15:08:13.696][000000003.563] ssl_prepare_record_content 3783:0000: 15 03 01 00 02 02 28 ......(
[2022-12-27 15:08:13.699][000000003.564] mbedtls_ssl_handle_message_type 4897:got an alert message, type: [2:40]
[2022-12-27 15:08:13.703][000000003.564] mbedtls_ssl_handle_message_type 4905:is a fatal alert message (msg 40)
[2022-12-27 15:08:13.708][000000003.564] mbedtls_ssl_read_record 3999:mbedtls_ssl_handle_message_type() returned -30592 (-0x7780)
[2022-12-27 15:08:13.711][000000003.564] ssl_parse_server_hello 2090:mbedtls_ssl_read_record() returned -30592 (-0x7780)
[2022-12-27 15:08:13.715][000000003.564] network_state_shakehand 660:0x7780, 2
[2022-12-27 15:08:13.718][000000003.565] E/http luat_lib_http_callback http_ctrl close 33554449 -1
[2022-12-27 15:08:13.722][000000003.565] mbedtls_ssl_free 6839:=> free
[2022-12-27 15:08:13.725][000000003.566] mbedtls_ssl_free 6918:<= free
[2022-12-27 15:08:13.729][000000003.570] I/user.http -5 {} nil