{"id":1303,"date":"2016-01-20T23:36:19","date_gmt":"2016-01-20T17:36:19","guid":{"rendered":"http:\/\/promincproductions.com\/blog\/?p=1303"},"modified":"2016-01-20T23:36:19","modified_gmt":"2016-01-20T17:36:19","slug":"how-to-fix-ssl-certificate-problem-unable-to-get-local-issuer-certificate","status":"publish","type":"post","link":"https:\/\/promincproductions.com\/blog\/how-to-fix-ssl-certificate-problem-unable-to-get-local-issuer-certificate\/","title":{"rendered":"How to fix &#8220;SSL certificate problem: unable to get local issuer certificate&#8221;"},"content":{"rendered":"<p>I&#8217;ve run into the same issue a few times in the past few weeks, so it&#8217;s time for me to write the cause and solution to this.<\/p>\n<figure id=\"attachment_1305\" aria-describedby=\"caption-attachment-1305\" style=\"width: 500px\" class=\"wp-caption aligncenter\"><a href=\"https:\/\/promincproductions.com\/blog\/wp-content\/uploads\/2016\/01\/CURL-SSL-Error.jpg\" rel=\"attachment wp-att-305\" data-lasso-id=\"588\" data-rel=\"lightbox-gallery-Z1YjRqPe\" data-rl_title=\"\" data-rl_caption=\"\" title=\"\"><img decoding=\"async\" class=\"size-medium wp-image-1305\" src=\"https:\/\/promincproductions.com\/blog\/wp-content\/uploads\/2016\/01\/CURL-SSL-Error-500x500.jpg\" alt=\"How to fix the Unable to Get Local Issuer Certificate Error\" width=\"500\" height=\"500\" srcset=\"https:\/\/promincproductions.com\/blog\/wp-content\/uploads\/2016\/01\/CURL-SSL-Error-500x500.jpg 500w, https:\/\/promincproductions.com\/blog\/wp-content\/uploads\/2016\/01\/CURL-SSL-Error-150x150.jpg 150w, https:\/\/promincproductions.com\/blog\/wp-content\/uploads\/2016\/01\/CURL-SSL-Error.jpg 600w\" sizes=\"(max-width: 500px) 100vw, 500px\" \/><\/a><figcaption id=\"caption-attachment-1305\" class=\"wp-caption-text\">How to fix a &#8220;SSL certificate problem: unable to get local issuer certificate&#8221; error from cURL requests in PHP.<\/figcaption><\/figure>\n<h2>The Scenario<\/h2>\n<p>You are writing a cURL request to a secure destination (HTTPS) and you see this dreaded error message pop up in the curl_error():\u00a0<strong>SSL certificate problem: unable to get local issuer certificate<\/strong><\/p>\n<p>No matter what changes you make to your cURL\u00a0request or how many times you verify that you have the correct URL or how many of your remaining hairs you pull out, nothing changes &#8211; this same annoying error message&#8230;.<\/p>\n<h2>The Solution<\/h2>\n<p>While this is technically a clear and detailed error message, if you don&#8217;t know what it means or what it&#8217;s telling you it&#8217;s not very friendly&#8230; \u00a0So let me explain.<\/p>\n<p>You are making a request to a secure source over HTTPS. \u00a0That destination expects you to share some credentials to it stating that you are who you say you are (or something like that at least). \u00a0Put more technically &#8211; you need to send with your request an SSL certificate. \u00a0Thankfully this is something we set in the configuration of your server and thus don&#8217;t need to specify this on each and every request. \u00a0There&#8217;s just a few steps to accomplish this.<\/p>\n<h3>Acquire the ca-bundle.crt\u00a0SSL bundle<\/h3>\n<p>Copy the contents of this URL and save it to your server. \u00a0You can save it to any destination really, but somewhere near the top level of the server is fine.<\/p>\n<p><a href=\"https:\/\/raw.githubusercontent.com\/bagder\/ca-bundle\/master\/ca-bundle.crt\" target=\"_blank\" rel=\"nofollow noopener\" data-lasso-id=\"589\">https:\/\/raw.githubusercontent.com\/bagder\/ca-bundle\/master\/ca-bundle.crt<\/a><\/p>\n<p>In the case I ran into this issue on today, I was using a locally hosted XAMP installation, so I choose this path:<\/p>\n<pre><code>C:\/xampp\/htdocs\/_certs\/ca-bundle.crt<\/code><\/pre>\n<h3>Update the php.ini File to Know the Path to your ca-bundle.crt File<\/h3>\n<p>You&#8217;ll now need to edit your\u00a0<strong>php.ini<\/strong> file to identify where this file is located. \u00a0If you are using XAMP, you can get to the php.ini file from the\u00a0<strong>Config<\/strong> button in the XAMP control panel. \u00a0Other servers have this file in different locations at times, but often times it&#8217;s located in the\u00a0<strong>\/etc<\/strong> directory somewhere.<\/p>\n<p>Add or update these lines in your file:<\/p>\n<pre><code>[CA Certs]\r\ncurl.cainfo=\"C:\/xampp\/htdocs\/_certs\/ca-bundle.crt\"\r\nopenssl.cafile=\"C:\/xampp\/htdocs\/_certs\/ca-bundle.crt\"<\/code><\/pre>\n<p>Obviously you&#8217;ll need to update the path to match where you&#8217;ve saved your file.<\/p>\n<p>Once you&#8217;ve saved the php.ini file you have one step to go.<\/p>\n<h3>Restart PHP<\/h3>\n<p>Each server might be slightly different on how to trigger the PHP restart (shared hosts may be trickier) but you&#8217;ll need to restart PHP for this change to be recognized. \u00a0In XAMP simply turn off Apache and then turn it back on via the XAMP control panel. \u00a0On many Linux servers you can try this command.<\/p>\n<pre><code>service php5-fpm restart<\/code><\/pre>\n<p>And that&#8217;s it! \u00a0With PHP restarted you can now re-try your cURL request and be happy to see an actual request sent and hopefully with no other issues you&#8217;ll see a valid response!!!<\/p>\n<p>&nbsp;<\/p>","protected":false},"excerpt":{"rendered":"<p>I&#8217;ve run into the same issue a few times in the past few weeks, so it&#8217;s time for [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":1305,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"wprm-recipe-roundup-name":"","wprm-recipe-roundup-description":"","_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_post_was_ever_published":false},"categories":[13,5],"tags":[],"class_list":["post-1303","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-php-development","category-website-development"],"jetpack_featured_media_url":"https:\/\/promincproductions.com\/blog\/wp-content\/uploads\/2016\/01\/CURL-SSL-Error.jpg","jetpack_shortlink":"https:\/\/wp.me\/p4BbcR-l1","jetpack_sharing_enabled":true,"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/posts\/1303","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/comments?post=1303"}],"version-history":[{"count":2,"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/posts\/1303\/revisions"}],"predecessor-version":[{"id":1306,"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/posts\/1303\/revisions\/1306"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/media\/1305"}],"wp:attachment":[{"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/media?parent=1303"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/categories?post=1303"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/promincproductions.com\/blog\/wp-json\/wp\/v2\/tags?post=1303"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}