aws_iot_shadow_connect(&mqttClient, &scp) always returning "-28"

[pranoyd-nd]

Hi,

We are experiencing an issue while trying to connect to AWSIOT shadow where the return code is always "-28" (MQTT_REQUEST_TIMEOUT_ERROR)

The below are some key observations:

• After re-creating the certificates (certificate.pem.crt & private.pem.key) the connection was successful.

• The older certificates were not corrupted. There was no parse error for the certificates.
  The below errors were never seen:
  /** Returned when the device certificate is invalid /
  NETWORK_X509_DEVICE_CRT_PARSE_ERROR = -20,
  /* Returned when the private key failed to parse */
  NETWORK_PK_PRIVATE_KEY_PARSE_ERROR = -21,

• The internet connectivity was fine.

• It was never able to connect to the shadow with the certificates. And as soon as the certificates are re-generated/downloaded, it was able to connect.

Version: https://github.com/aws/aws-iot-device-sdk-embedded-C/releases/tag/v2.1.1

Kindly help to understand what is the issue with the certificates.
As the MQTT_REQUEST_TIMEOUT_ERROR may temporarily come due to actual connection timeout, we are not considering this return code (-28) as a trigger to reset the certificate and private key.
Kindly suggest how we can differentiate this behaviour with genuine timeouts so that we can effectively handle this issue.

[archigup]

Do those certificates work with a different SDK? If the cert is rejected from cloud side, we wouldn't know if it was due to invalid cert. Though, as far as I know, in that case IoT Core kills the connection, so I would expect a connection killed and not timed out. Are you able to see the connection attempts cloud side? You could enable Device Defender and see if it reports failed connection attempts for your Thing.

Are you able to upgrade to a newer version of the SDK?