Unacceptable certificate, application verification failure. POCO OpenSSL

Time: 2016-09-07 14:54:11

Tags: openssl ssl-certificate x509certificate poco-libraries

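I am trying to do the following:

Generate a client certificate, key and bundle; generate a server certificate, key and bundle.

I am trying to perform:

- Client-side verification of the server certificate

- Server-side verification of the client certificate using POCO HTTPS.

The client successfully verifies the (server) certificate, but the server fails to verify the client certificate, and I get "Certificate validation error Unacceptable certificate from 127.0.0.1: application verification failure".

I used https://jamielinux.com/docs/openssl-certificate-authority/sign-server-and-client-certificates.html to generate the client and server certificates/keys/CSRs on Ubuntu. Code:

Client code: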

```cpp
#include <iostream>
#include <string>
#include "Poco/Exception.h"
#include "Poco/SharedPtr.h"
#include "Poco/Net/ConsoleCertificateHandler.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/HTTPRequest.h"
#include "Poco/Net/HTTPResponse.h"
#include "Poco/Net/HTTPSClientSession.h"
#include "Poco/Net/KeyConsoleHandler.h"
#include "Poco/Net/SSLManager.h"

using Poco::SharedPtr;
using namespace Poco::Net;

// Fragment: `host` is defined by the surrounding code.
while(1){
    try{
        SharedPtr<PrivateKeyPassphraseHandler> pConsoleHandler = new KeyConsoleHandler(true);
        SharedPtr<InvalidCertificateHandler> pInvalidCertHandler = new ConsoleCertificateHandler(true);
        // Client context: own key and certificate, CA chain used to verify the server.
        Poco::Net::Context::Ptr m_pContext = new Poco::Net::Context( Poco::Net::Context::CLIENT_USE,"client.key.pem","client.cert.pem","ca-chain.cert.pem",Poco::Net::Context::VERIFY_STRICT);
        Poco::Net::SSLManager::instance().initializeClient(pConsoleHandler, pInvalidCertHandler, m_pContext);

        // Stack-allocated session, so nothing is leaked on each loop iteration.
        Poco::Net::HTTPSClientSession m_HTTPClientSession(host,65157,m_pContext);
        std::string version("HTTP/1.1");
        Poco::Net::HTTPRequest request("GET","/small",version);
        request.setKeepAlive(m_HTTPClientSession.getKeepAlive());
        request.write(std::cout);

        std::ostream& outstream = m_HTTPClientSession.sendRequest(request);
        Poco::Net::HTTPResponse response;
        response.setKeepAlive(m_HTTPClientSession.getKeepAlive());
        std::istream& respStream = m_HTTPClientSession.receiveResponse(response);
        response.write(std::cout);
    }
    catch(Poco::Exception &exc)
    {
        std::cout << "::" << "HTTPClientConnection::ServiceConnection()" << "::" << " Exception while sending the request for client session ::" << exc.displayText().c_str() << std::endl;
    }
}
```

Server code:

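```cpp
#include <iostream>
#include "Poco/Exception.h"
#include "Poco/SharedPtr.h"
#include "Poco/Net/ConsoleCertificateHandler.h"
#include "Poco/Net/Context.h"
#include "Poco/Net/KeyConsoleHandler.h"
#include "Poco/Net/SSLManager.h"
#include "HTTPSTestServer.h"   // from the POCO NetSSL_OpenSSL testsuite

using Poco::SharedPtr;
using namespace Poco::Net;

int main()
{
    try
    {
        SharedPtr<PrivateKeyPassphraseHandler> pConsoleHandler = new KeyConsoleHandler(true);
        SharedPtr<InvalidCertificateHandler> pInvalidCertHandler = new ConsoleCertificateHandler(true);

        // Server context: own key and certificate, CA chain used to verify clients.
        Poco::Net::Context::Ptr pServerContext = new Poco::Net::Context(
            Poco::Net::Context::SERVER_USE,
            "localhost.key.pem",
            "localhost.cert.pem",
            "ca-chain.cert.pem",
            Poco::Net::Context::VERIFY_STRICT,
            9,      // verification depth
            true,   // load default CAs
            "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH");
        Poco::Net::SSLManager::instance().initializeServer(pConsoleHandler,pInvalidCertHandler,pServerContext);
        HTTPSTestServer srv(pServerContext);
        int port = srv.port();
        std::cout << "Port on which it is listening:: " << port << std::endl;

        while(1){}
    }
    catch(Poco::Exception &exc)
    {
        std::cout << "::" << "HTTPClientConnection::ServiceConnection()" << "::" << " Exception while sending the request for client session ::" << exc.displayText().c_str() << std::endl;
    }

    return 0;
}
```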

0 answers:

No answers
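A way to split the reported failure into its parts, as an added example that is not part of the original post: the script builds a throwaway CA with one server and one client certificate, runs OpenSSL's chain and purpose check for each side, and separately checks whether a certificate lists the peer address 127.0.0.1. "application verification failure" is OpenSSL's text for `X509_V_ERR_APPLICATION_VERIFICATION`, a code that is only set by the calling application, so a certificate can pass the purpose check and still be rejected by an identity check made above it. All subject names and file names here are constructed.

```shell
#!/usr/bin/env bash
# Added example with constructed names and files: throwaway CA, one server and
# one client certificate, then the checks for each side of mutual TLS.

make_pki() {   # make_pki DIR: write {ca,server,client}.key and .pem into DIR
    local d=$1 role
    cat > "$d/x.cnf" <<'EOF' || return 1
[req]
distinguished_name = dn
[dn]
CN = unused
[ca]
basicConstraints = critical, CA:TRUE
[server]
basicConstraints = CA:FALSE
extendedKeyUsage = serverAuth
subjectAltName = DNS:localhost, IP:127.0.0.1
[client]
basicConstraints = CA:FALSE
extendedKeyUsage = clientAuth
EOF
    for role in ca server client; do
        openssl req -config "$d/x.cnf" -newkey rsa:2048 -nodes -subj "/CN=demo-$role" \
            -keyout "$d/$role.key" -out "$d/$role.csr" 2>/dev/null || return 1
    done
    openssl x509 -req -in "$d/ca.csr" -signkey "$d/ca.key" -days 1 \
        -extfile "$d/x.cnf" -extensions ca -out "$d/ca.pem" 2>/dev/null || return 1
    for role in server client; do
        openssl x509 -req -in "$d/$role.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
            -CAcreateserial -days 1 -extfile "$d/x.cnf" -extensions "$role" \
            -out "$d/$role.pem" 2>/dev/null || return 1
    done
}

# chain_ok CA CERT PURPOSE: chain plus key-usage check (sslclient | sslserver)
chain_ok() { openssl verify -CAfile "$1" -purpose "$3" "$2" >/dev/null 2>&1; }

# names_ip CERT IP: does the certificate itself list this IP address?
names_ip() { openssl x509 -in "$1" -noout -checkip "$2" 2>/dev/null | grep -q "does match"; }

d=$(mktemp -d) && make_pki "$d" || { echo "openssl setup failed" >&2; exit 1; }
for role in server client; do
    for p in sslserver sslclient; do
        chain_ok "$d/ca.pem" "$d/$role.pem" "$p" && r=ok || r=FAIL
        echo "$role.pem purpose=$p: $r"
    done
    names_ip "$d/$role.pem" 127.0.0.1 && r=yes || r=no
    echo "$role.pem lists 127.0.0.1: $r"
done
```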