Home » Php » php – cURL error 60: SSL certificate prblm: unable to get local issuer certificate

php – cURL error 60: SSL certificate prblm: unable to get local issuer certificate

Posted by: admin April 23, 2020 Leave a comment

Questions:

I want to collect a list of videos uploaded on a specific channel using the YouTube data API. However, before implementing online I am trying to get my code running on an offline environment (WAMPserver, PHP 5.5.12, Apache 2.4.9). I am using the following code:

require_once 'google-api-php-client-2.0.0-RC5/vendor/autoload.php';

$client = new Google_Client();
$client->setApplicationName("SRC_Thor");
$client->setDeveloperKey("xxxxxxxxxxx");

$youtube = new Google_Service_YouTube($client);

$channelResponse = $youtube->channels->listChannels('contentDetails', []);
var_dump($channelResponse);

However it gives the following error:

Fatal error: Uncaught exception ‘GuzzleHttp\Exception\RequestException’ with message ‘cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)’

I have tried adding the latest version of cacert.pem as most topics on SO offer as a solution, however to no avail.

How to&Answers:

If you are on Windows using Xampp, I am stealing a better answer from here, would be helpful if Google shows you this question first.

  1. Download and extract for cacert.pem here (a clean file format/data)

    https://curl.haxx.se/docs/caextract.html

  2. Put it in :

    C:\xampp\php\extras\ssl\cacert.pem

  3. Add this line to your php.ini

    curl.cainfo = “C:\xampp\php\extras\ssl\cacert.pem”

  4. restart your webserver/Apache

Answer:

Seeing I am using a local environment I can safely disable SSL, which i did using the following:

$guzzleClient = new \GuzzleHttp\Client(array( 'curl' => array( CURLOPT_SSL_VERIFYPEER => false, ), ));
$client->setHttpClient($guzzleClient);

Where $client is my Google_Client().

Answer:

$guzzleClient = new \GuzzleHttp\Client(['verify' => false]);

Guzzle version 6

You could refer to Guzzle Docs at

http://docs.guzzlephp.org/en/latest/request-options.html#verify

Answer:

I work with xamps nothing of the above did work for me

I tried this and it worked

  1. open vendor\guzzlehttp\guzzle\src\Handler\CurlFactory.php

and change this

$conf[CURLOPT_SSL_VERIFYHOST] = 2;
$conf[CURLOPT_SSL_VERIFYPEER] = true;

to this

$conf[CURLOPT_SSL_VERIFYHOST] = 0;
$conf[CURLOPT_SSL_VERIFYPEER] = FALSE;

it’s a temporary solution if you updated this file the changes will lost

Answer:

for the essence of development and testing, You have two options to a quick fix

  1. Use
$client = new GuzzleHttp\Client();
$request = $client->request('GET',$url, ['verify' => false]); //where $url is your http address
  1. follow @Pham Huy Anh answer’s above then do this
$client = new GuzzleHttp\Client();
$request = $client->request('GET',$url, ['verify' => 'C:\xampp\php\extras\ssl\cacert.pem']);

Hope it helps someone.

Answer:

PCI-DSS 3.1 requires all SSL to only TLS 1.2 so a lot of providers are simply turning everything but TLS 1.2 off. I ran into this type of issue where CURL saw the failure to downgrade handshakes as a failure to verify the SSL certificate. Try finding where your code is doing the CURL call and add this line (be sure to replace $ch with whatever CURL handle your code uses)

curl_setopt($ch, CURLOPT_SSLVERSION, 6);  // Force TLS 1.2

Answer:

it also worked for me by downloading the cert from the
link https://gist.github.com/VersatilityWerks/5719158/download
then
save it in C:\xampp\php\extras\ssl
then edit php.ini. To get Php.ini quickly see the figure below
enter image description here

Then STOP and reStart your apache again. it worked well !!!

Answer:

$guzzleClient = new \GuzzleHttp\Client(['verify' => false]);