Hi,
I'm working on a client application that will connect to an FTPS server (vsftpd) to download files.
Now, I have ca-cert, cert and key files all setup to work with curl like:
curl -3 -k -v --ftp-ssl --tlsv1.2 --ftp-ssl-reqd --ftp-pasv --verbose \
   --ssl \
   --cert ./en-cert.pem                     \
   --cert-type PEM                                    \
   --key ./en-cert.key                    \
   --key-type PEM                                     \
   --cacert ./ca-cert                    \
   ftp://user:pass@10.10.100.1/test.txt -O

Now, I use the same cert, key & ca-cert with mbedtls but am unable to handshake, mbedtls_ssl_handshake()
keeps giving me an error, what is done in order:
- init cert, ca-cert, key, entropy, drbg, ssl, config
- parse ca-cert, cert & key
- seed RNG - mbedtls_ctr_drbg_seed with mbedtls_hardware_poll
- set config defaults MBEDTLS_SSL_IS_CLIENT, MBEDTLS_SSL_TRANSPORT_STREAM, MBEDTLS_SSL_PRESET_DEFAULT
- mbedtls_ssl_conf_ca_chain
- mbedtls_ssl_conf_rng with mbedtls_ctr_drbg_random
- mbedtls_ssl_conf_dbg
- mbedtls_ssl_conf_own_cert
- mbedtls_ssl_setup
- mbedtls_ssl_set_bio
- mbedtls_ssl_handshake
which up to the handshake all seems to go through without any issues.
When I look at it with wireshark, I see something like:

Response: 234 Proceed with negotiation.
Request:looks like the certificate jumbled up 
Response 500 OOPS: 
Response :SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown

Any hints on how I best go about troubleshooting this? I have confirmed that ca-cert, cert & key are identical to the ones
that are used for the above curl command.

Thanks,