Fix SSL Certificate Problem Unable to get Local Issuer Certificate
  • info@comparecheapssl.com

05/30/2021 by admin with 0 comments

How to Fix SSL Certificate Problem Unable to get Local Issuer Certificate?


One error message that a local user can get is “SSL certificate problem: unable to get local issuer certificate” during cURL request execution for the security of HTTPS destination. This error is not common but occurs sometimes. When you start using client SSL and sent a request for a secured HTTPS source for which identity verification of SSL/TLS is needed, then this error will occur. This error may also occur when the working of the root certificate is not proper.

Solution to Fix SSL Certificate Problem: Unable to Get Local Issuer Certificate Problem

  1. Editing php.ini (Keep SSL): Start with downloading the cacert.pem from the website https://curl.haxx.se/ca/cacert.pem. After that, cacert.pem need to be copy into zend/openssl version. For example – ‘/usr/local/openssl0.9.8/certs/cacert.pem’. Open file php.ini and do modification in CURL configuration by adding “cainfo = ‘/usr/local/openssl – 0.9.8/certs/cacert.pem”. Now, start your PHP again and see CURL is able to read HTTPS URL or not.

 

  1. No need to edit php.ini: For maintaining the code of SSL, Enter the code mentioned below

$ch = curl_init( );

 

$certificate_location = ‘/usr/local/openssl – 0.9.8/certs/cacert.pem’;

 

curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, $certificate_location);

 

curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, $certificate_location);

 

  1. Disable SSL (Not Advisable):Now, enter the code mentioned below –

$ch = curl_init( );

 

curl_setopt ($ch, CURLOPT_SSL_VERIFYHOST, 0);

 

curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, 0);

 

  1. Get the SSL Bundle – ca-bundle.cert: Click on the URL mentioned below for copying and saving the content on your server so that you can get an SSL bundle. Destination of saving the content is not so important but it is recommended to save it near the top server level.

https://raw.githubusercontent.com/badger/ca-bundle/master/ca-bundle.crt.

For example – c: /xampp/htdocs/_certs/ca-bundle.crt

 

  1. Editing php.ini File: You have to edit the php.ini file from its location. For example – the Config button is present in the XAMP control panel from where you get the php.ini file and it is also possible that the php.ini file is present in other servers or at some other locations but it is mostly located in /etc directory. After that, add or update some lines into that file:

Curl.cainfo=”c:/xampp/htdocs/_certs/ca-bundle.crt”

 

openssl.cafile=”c:/xampp/htdocs/_certs/ca-bundle.crt”

 

  1. Restarting PHP:Restart the PHP after completing the above-mentioned steps. For example – turn off Apache in the XAMP and then On it through the control panel for XAMP. You can try to use the below-mentioned command if Linux servers are used in the computer.

Service php5-fpm restart

Leave Comment