MQTT Bridge with an external mosquitto broker. ERR 14? tlsv1 alert internal error?!

Hello!! I am trying to make MQTT bridge with an external mosquitto broker.
I have set everyting but I got this system log below.
mqttEvDisconnectCB: MqttClient [gwBridgeS Mqtt Client] Disconnected: [14]
mqttEvWrReady: mosquitto [[gwBridgeS Mqtt Client]] loop write ERR: 14
mqttEvRegister: Register mosquittto event [gwBridgeS Mqtt Client]

And log message as below is mosquitto broker side error message.
SSL routine:ssl3_read_bytes:tlsv1 alert internal error

Other MQTTFX clients like MQTTFX can connect well with the same option.

Please, somebody help me to solve this problem!

Hi. Which Gateway, firmware are you using? SSL? Which port for MQTT bridge?
And where is broker hosted?

Rak7258 with latest firmware version, tlsv1 with self signed certificate+client certificate, 443 and 8883 was tested, mosquitto broker is hosted on the Azure VM, mqtt user name and password are not required.

Will be to do with the self signed certificates as the remote broker cant validate the certificates your service has when setting up the TLS.

Does the Azure platform have any way to add the CA server public certificates you used for signing?

Alternately on the remote MQTT server you need to somehow disable SSL host verification which is insecure

Better yet use a proper TLS cert that is publicly trusted, i.e. a commercial one

Thanks for replying.
I am just using azure virtual machine. So I think self-signed certificate is enough now for the test.
After finishing the test, I am gonna change it to commercial certificate.
Anyways am I missing something from rak`s document about mqtt bridge?
Does this kind of err can be occurred if I put the wrong certificate in the input form? :cry:

Yes quite possibly and the certificate type you generated can also have an impact on it working or not.

the self signed CA will still work and is fine for testing just as long at the signing computer is added to the Azure VM as a ROOT CA otherwise the Azure vm will not be able to validate the certificate. I’m not saying this is the root of your problem, just seems the likely one as I’ve had plenty of issue in the past with TLS and self signed certificates (not with Mosquitto tho).

I did find this article that may help you