测试https 使用curl 验证不通过

[lialvin]

#由ca 生成证书
openssl genrsa -out server.key 1024
openssl req -new -subj /CN=thgy/O=thchain/OU=keyms -key server.key -out server.csr

openssl genrsa -out ca.key 1024
openssl req -new -subj /CN=thgy/O=thchain/OU=keyms -key ca.key -out ca.csr
openssl x509 -req -in ca.csr -signkey ca.key -out ca.crt
openssl x509 -req -CA ca.crt -CAkey ca.key -CAcreateserial -in server.csr -out server.crt
openssl x509 -in ca.crt -out ca.pem -outform PEM
https 服务端 使用 server.key server.crt

客户端使用
curl --cacert ca_info.pem -H "Content-type: application/json" -X POST --data '{"jsonrpc":"2.0","method":"encDataKey","params":["'123456'"],"id":83}' https://127.0.0.1:9001/

访问 alvin@node1:~/thkms/scripts$ curl --cacert ca_info.pem -H "Content-type: application/json" -X POST --data '{"jsonrpc":"2.0","method":"encDataKey","params":["'123456'"],"id":83}' https://127.0.0.1:9001/
curl: (60) SSL certificate problem: self signed certificate
More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
报错，能帮忙确认下问题吗？ 使用不验证对端可以访问

[qicosmos]

openssl版本是什么版本？

[qicosmos]

我之前测试的好像是1.02版

[lialvin]

openssl版本是什么版本？

alvin@node1:~$ openssl version
OpenSSL 1.1.1l 24 Aug 2021

[qicosmos]

新版本我都还没测试过

[qicosmos]

不确定asio是不是支持了新版本的ssl，我要确认一下

[lialvin]

好的，谢谢

[qicosmos]

可否测试一下最新的代码呢？