SSL_connect failed,err code=-155;做ssl连接aws服务器的时候，出现一直ssl_connect failed。

做ssl连接aws服务器的时候，出现一直ssl_connect failed，使用mqttfx工具测试正常，所以确认证书应该没有问题，另外使用另一套地址和和证书，可以连接成功，也就证明代码上应该没有问题。所以现在无法判断问题出现在哪里，有没有前辈遇到过类似问题，请指点一二。
连接日志如下：

cyassl_log CyaSSL Entering CYASSL_CTX_new
cyassl_log CyaSSL Entering CyaSSL_CertManagerNew
cyassl_log CyaSSL Leaving CYASSL_CTX_new, return 0
cyassl_log CyaSSL Entering CyaSSL_CTX_load_verify_buffer
cyassl_log Processing CA PEM file
cyassl_log Adding a CA
cyassl_log CyaSSL Entering GetExplicitVersion
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Getting Cert Name
cyassl_log Getting Cert Name
DecodeToKey: Certificate: 
Subject: /C=US/O=Amazon/CN=Amazon Root CA 1
Issuer: /C=US/O=Amazon/CN=Amazon Root CA 1

cyassl_log CyaSSL Entering GetAlgoId
cyassl_log CyaSSL Entering DecodeCertExtensions
cyassl_log      found optional critical flag, moving past
cyassl_log CyaSSL Entering DecodeBasicCaConstraint
cyassl_log      found optional critical flag, moving past
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log     Parsed new CA
cyassl_log     Freeing Parsed CA
cyassl_log     Freeing der CA
cyassl_log         OK Freeing der CA
cyassl_log CyaSSL Leaving AddCA, return 0
cyassl_log    Processed a CA
cyassl_log CyaSSL Entering CyaSSL_CTX_use_PrivateKey_buffer
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering CyaSSL_CTX_use_certificate_buffer
cyassl_log Checking cert signature type
cyassl_log CyaSSL Entering GetExplicitVersion
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Getting Cert Name
cyassl_log Getting Cert Name
DecodeToKey: Certificate: 
Subject: /CN=AWS IoT Certificate
Issuer: /OU=Amazon Web Services O=Amazon.com Inc. L=Seattle ST=Washington C=US

cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Not ECDSA cert signature
cyassl_log CyaSSL Entering SSL_new
cyassl_log CyaSSL Leaving SSL_new, return 0
cyassl_log CyaSSL Entering SSL_set_fd
cyassl_log CyaSSL Leaving SSL_set_fd, return 1
cyassl_log CyaSSL Entering SSL_connect()
cyassl_log growing output buffer

cyassl_log Shrinking output buffer

cyassl_log connect state: CLIENT_HELLO_SENT
GetInputData: 5
cyassl_log growing input buffer

Blocking for data from network ... expecting 5 bytes
Got 5 bytes
GetInputData: 4998
cyassl_log growing input buffer

Blocking for data from network ... expecting 4998 bytes
Got 2395 bytes
Blocking for data from network ... expecting 2603 bytes
Got 1200 bytes
Blocking for data from network ... expecting 1403 bytes
Got 1200 bytes
Blocking for data from network ... expecting 203 bytes
Got 203 bytes
cyassl_log received record layer msg
cyassl_log CyaSSL Entering DoHandShakeMsg()
cyassl_log CyaSSL Entering DoHandShakeMsgType
cyassl_log processing server hello
cyassl_log CyaSSL Leaving DoHandShakeMsgType(), return 0
cyassl_log CyaSSL Leaving DoHandShakeMsg(), return 0
cyassl_log More messages in record
cyassl_log received record layer msg
cyassl_log CyaSSL Entering DoHandShakeMsg()
cyassl_log CyaSSL Entering DoHandShakeMsgType
cyassl_log processing certificate
cyassl_log Loading peer's cert chain
cyassl_log     Put another cert into chain
cyassl_log     Put another cert into chain
cyassl_log     Put another cert into chain
cyassl_log     Put another cert into chain
Total certificates in chain : 4
Decoding the certificates ...
Parse certificate- Length: 1145
cyassl_log CyaSSL Entering GetExplicitVersion
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Getting Cert Name
cyassl_log Getting Cert Name
DecodeToKey: Certificate: 
Subject: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2
Issuer: /C=US/O=Starfield Technologies, Inc./OU=Starfield Class 2 Certification Authority

cyassl_log CyaSSL Entering GetAlgoId
cyassl_log CyaSSL Entering DecodeCertExtensions
cyassl_log      found optional critical flag, moving past
cyassl_log CyaSSL Entering DecodeBasicCaConstraint
cyassl_log      found optional critical flag, moving past
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      There are more Authority Information Access records, but we only use first one.
cyassl_log CyaSSL Entering DecodeCrlDist
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log About to verify certificate signature
cyassl_log No CA signer to verify with
cyassl_log Failed to verify CA from chain
Parse certificate- Length: 1174
cyassl_log CyaSSL Entering GetExplicitVersion
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Getting Cert Name
cyassl_log Getting Cert Name
DecodeToKey: Certificate: 
Subject: /C=US/O=Amazon/CN=Amazon Root CA 1
Issuer: /C=US/ST=Arizona/L=Scottsdale/O=Starfield Technologies, Inc./CN=Starfield Services Root Certificate Authority - G2

cyassl_log CyaSSL Entering GetAlgoId
cyassl_log CyaSSL Entering DecodeCertExtensions
cyassl_log      found optional critical flag, moving past
cyassl_log CyaSSL Entering DecodeBasicCaConstraint
cyassl_log      found optional critical flag, moving past
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      There are more Authority Information Access records, but we only use first one.
cyassl_log CyaSSL Entering DecodeCrlDist
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log About to verify certificate signature
cyassl_log No CA signer to verify with
cyassl_log Failed to verify CA from chain
Parse certificate- Length: 1101
cyassl_log CyaSSL Entering GetExplicitVersion
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Getting Cert Name
cyassl_log Getting Cert Name
DecodeToKey: Certificate: 
Subject: /C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
Issuer: /C=US/O=Amazon/CN=Amazon Root CA 1

cyassl_log CyaSSL Entering GetAlgoId
cyassl_log CyaSSL Entering DecodeCertExtensions
cyassl_log      found optional critical flag, moving past
cyassl_log CyaSSL Entering DecodeBasicCaConstraint
cyassl_log      found optional critical flag, moving past
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      There are more Authority Information Access records, but we only use first one.
cyassl_log CyaSSL Entering DecodeCrlDist
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log About to verify certificate signature
cyassl_log Adding CA from chain
cyassl_log Adding a CA
cyassl_log CyaSSL Entering GetExplicitVersion
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Getting Cert Name
cyassl_log Getting Cert Name
DecodeToKey: Certificate: 
Subject: /C=US/O=Amazon/OU=Server CA 1B/CN=Amazon
Issuer: /C=US/O=Amazon/CN=Amazon Root CA 1

cyassl_log CyaSSL Entering GetAlgoId
cyassl_log CyaSSL Entering DecodeCertExtensions
cyassl_log      found optional critical flag, moving past
cyassl_log CyaSSL Entering DecodeBasicCaConstraint
cyassl_log      found optional critical flag, moving past
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log      There are more Authority Information Access records, but we only use first one.
cyassl_log CyaSSL Entering DecodeCrlDist
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log     Parsed new CA
cyassl_log     Freeing Parsed CA
cyassl_log     Freeing der CA
cyassl_log         OK Freeing der CA
cyassl_log CyaSSL Leaving AddCA, return 0
cyassl_log Veriying Peer's cert
cyassl_log CyaSSL Entering GetExplicitVersion
cyassl_log CyaSSL Entering GetMyVersion
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log Getting Cert Name
cyassl_log Getting Cert Name
DecodeToKey: Certificate: 
Subject: /CN=*.iot.us-west-2.amazonaws.com
Issuer: /C=US/O=Amazon/OU=Server CA 1B/CN=Amazon

cyassl_log CyaSSL Entering GetAlgoId
cyassl_log CyaSSL Entering DecodeCertExtensions
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering DecodeAltNames
cyassl_log      Not DNS type
cyassl_log      Extension type not handled, skipping
cyassl_log      found optional critical flag, moving past
cyassl_log      Extension type not handled, skipping
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering DecodeCrlDist
cyassl_log      Extension type not handled, skipping
cyassl_log      There are more Authority Information Access records, but we only use first one.
cyassl_log      found optional critical flag, moving past
cyassl_log CyaSSL Entering DecodeBasicCaConstraint
cyassl_log      Extension type not handled, skipping
cyassl_log CyaSSL Entering GetAlgoId
cyassl_log About to verify certificate signature
cyassl_log Verified Peer's cert
cyassl_log growing output buffer

cyassl_log Shrinking output buffer

cyassl_log CyaSSL Leaving DoHandShakeMsgType(), return -155
cyassl_log CyaSSL Leaving DoHandShakeMsg(), return -155
cyassl_log CyaSSL error occured, error = -155
cyassl_log CyaSSL Entering SSL_get_error
cyassl_log CyaSSL Leaving SSL_get_error, return -155
cyassl_log CyaSSL Entering ERR_error_string
---------------------err = -155, ASN sig error, confirm failure
SSL_connect failed
cyassl_log CyaSSL Entering SSL_shutdown()
cyassl_log CyaSSL Leaving SSL_shutdown(), return -155
cyassl_log CyaSSL Entering SSL_free
cyassl_log CTX ref count not 0 yet, no free
cyassl_log Shrinking input buffer

写回答
好问题 0 提建议
追加酬金
关注问题
分享
邀请回答
编辑收藏删除结题
收藏举报

1条回答默认最新

关注

码龄粉丝数原力等级 --

被采纳

被点赞

采纳率
Estelle_guan 2023-02-15 16:07
关注
现在这个问题解决了吗？

解决无用
评论打赏
分享
举报

评论

按下Enter换行，Ctrl+Enter发表内容

报告相同问题？

关注问题

libcurl 进行HTTPS进行双向认证返回CURLE_SSL_CONNECT_ERROR失败 ssl windows
2018-04-08 01:54

回答 3 已采纳无奈自己结帖，其实原因很简单，项目中之前用到过libcurl，之前的版本和现在的版本冲突了才导致请求不成功
openssl编程时SSL_accept返回错误SSL_ERROR_SSL可能有哪些问题，怎么解决？ c++
2020-03-28 20:57

回答 2 已采纳可能是证书生成的有问题，可以参考这个内容 https://blog.csdn.net/zxh2075/article/details/79967227
c语言远程连接数据库报错ssl connect error c语言 mysql
2022-07-07 11:26

回答 1 已采纳 mysql -h10.233.117.225 -P3306 -uroot -p --ssl-mode=DISABLED 参数–ssl-mode取值官方文档：https://dev.mysql.com
OpenSSL SSL_read: SSL_ERROR_SYSCALL, errno 10054
2019-03-03 14:02

dong-sir的博客 OpenSSL SSL_read: SSL_ERROR_SYSCALL, errno 10054，vagrant box add laravel/homestead，安装 Homestead Vagrant Box，laravel/homestead box 添加到 Vagrant 中安装，Failed to connect to vagrantcloud-files-...
ssl._create_default_https_context无效 python
2018-03-04 19:10

回答 1 已采纳这个是跟服务器连接失败，你的代理能不能正确连接等
WebSocket连接失败：连接建立错误：net :: ERR_SSL_PROTOCOL_ERROR javascript
2017-03-08 21:41

回答 1 已采纳 Your server is only listening for HTTP connections so you should use ws when making a connection.
Python pop3连接出现:poplib.error_proto: b'-ERR Unknown message' python
2023-03-11 10:53

回答 1 已采纳可以查看手册：python-poplib --- POP3 协议客户端中的内容
MQTT协议TLS SSL部分测试双向验证出现的问题
2017-12-13 10:38

Vincent8080的博客区别在于端口8883只需要客户端验证服务端的链接即可，端口8884需要双向验证客户端也需要向服务器上传证书。两个端口的测试代码我在之前的文章iOS开发中MQTTKit的TLS/SSL支持方案已经提供。关于客户端证书，我们需要...
POST 。。。net::ERR_SSL_PROTOCOL_ERROR php 微信服务器
2018-01-24 05:51

回答 4 已采纳 1.首先检查系统的日期和时间是否正确 2.检查端口443是否已打开 3.httpd.conf文件中 #Include conf/httpd-ssl.conf 去掉# ,重启Apache
SSL：GAE / Go上的CERTIFICATE_VERIFY_FAILED
2017-04-03 04:46

回答 1 已采纳 This is because Google has updated their server certificates but have not notified the Go SDK team
chrome浏览器报错 ERR_SSL_OBSOLETE_VERSION c#
2020-07-27 11:09

回答 3 已采纳 using Fleck server.EnabledSslProtocols = SslProtocols.Tls12 | SslProtocols.Ssl3 | SslProtocols.
(2) S3 connect reset by peer
2018-09-17 18:54

__Silent的博客 Connect reset 原因定位分析 1. 问题表现继第一篇《问题描述 & 初步分析定位》，问题表现为： s3cmd error message: error: [Errno 104] Connection reset by peer radosgw error message: ERROR: ...
Hi3518ev300 在HI_MIPI_ENABLE_SENSOR_CLOCK 时失败，报错：__osal_unlocked_ioctl - Input param err,it is null! c语言人工智能
2019-09-27 16:36

回答 1 已采纳 https://blog.csdn.net/qq_42448904/article/details/89203432
在 Rocky linux 8.5 使用 Kubespray v2.21.0 离线部署 kubernetes v1.25.6 集群(草稿)
2023-04-17 21:31

ghostwritten的博客 Kubespray可以部署在 AWS, GCE, Azure, OpenStack 以及裸机上.部署 High Available Kubernetes 集群.可组合性 (Composable)，可自行选择 Network Plugin (flannel, calico, canal, weave) 来部署.支持多种 Linux ...
RHEL 8.6 Kubespray 2.23.0 offline install kubernetes v1.27.5
2023-10-20 22:48

ghostwritten的博客该配置部署的目的主要完成 nginx部署，为了其他节点拉取各类文件、工具包；并且完成镜像推送入库步骤。，存在一个 pip 包依赖（jmespath 1.0.1），下面镜像已重新编译。注意：如果你喜欢通过容器部署集群，需要下载 ...
没有解决我的问题, 去提问

悬赏问题

¥15 安卓adb backup备份应用数据失败
¥15 eclipse运行项目时遇到的问题
¥15 关于#c##的问题：最近需要用CAT工具Trados进行一些开发
¥15 南大pa1 小游戏没有界面，并且报了如下错误，尝试过换显卡驱动，但是好像不行
¥15 没有证书，nginx怎么反向代理到只能接受https的公网网站
¥50 成都蓉城足球俱乐部小程序抢票
¥15 yolov7训练自己的数据集
¥15 esp8266与51单片机连接问题(标签-单片机|关键词-串口)（相关搜索：51单片机|单片机|测试代码）
¥15 电力市场出清matlab yalmip kkt 双层优化问题
¥30 ros小车路径规划实现不了，如何解决？(操作系统-ubuntu)

SSL_connect failed,err code=-155;做ssl连接aws服务器的时候，出现一直ssl_connect failed。

1条回答 默认 最新

悬赏问题

1条回答默认最新