Skip to content
Advertisement

HTTPS and SSL3_GET_SERVER_CERTIFICATE:certificate verify failed, CA is OK

I am using XAMPP for development. Recently I upgraded my installation of xampp from an old version to 1.7.3.

Now when I curl HTTPS enabled sites I get the following exception

Fatal error: Uncaught exception ‘RequestCore_Exception’ with message ‘cURL resource: Resource id #55; cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (60)’

Everyone suggest using some specific curl options from PHP code to fix this problem. I think this shouldn’t be the way. Because I didn’t have any problem with my old version of XAMPP and happened only after installing the new version.

I need help to figure out what settings change in my PHP installation, Apache etc can fix this problem.

Advertisement

Answer

curl used to include a list of accepted certificate authorities (CAs) but no longer bundles ANY CA certs since 7.18.1 and onwards. So by default it’ll reject all TLS/SSL certificates as unverifiable.

You’ll have to get your CA’s root certificate and point curl at it. More details at curl’s details on TLS/SSL certificates verification.

User contributions licensed under: CC BY-SA
3 People found this is helpful
Advertisement