I am using XAMPP for development. Recently I upgraded my installation of xampp from an old version to 1.7.3.
Now when I curl HTTPS enabled sites I get the following exception
Fatal error: Uncaught exception ‘RequestCore_Exception’ with message ‘cURL resource: Resource id #55; cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (60)’
Everyone suggest using some specific curl options from PHP code to fix this problem. I think this shouldn’t be the way. Because I didn’t have any problem with my old version of XAMPP and happened only after installing the new version.
I need help to figure out what settings change in my PHP installation, Apache etc can fix this problem.
Advertisement
Answer
curl used to include a list of accepted certificate authorities (CAs) but no longer bundles ANY CA certs since 7.18.1 and onwards. So by default it’ll reject all TLS/SSL certificates as unverifiable.
You’ll have to get your CA’s root certificate and point curl at it. More details at curl’s details on TLS/SSL certificates verification.