Curl error 60 SSL certificate issue self signed certificate in certificate chain

Question

I try to send curl request with my correct APP ID  APP SECRET etc  to the    https   oauth vk com access token client id APP ID amp client secret APP SECRET amp code 7a6fa4dff77a228eeda56603b8f53806c883f011c40b72630bb50df056f6479e52a amp redirect uri REDIRECT URI    I need to get access token from it  but get a FALSE and curl error   print next message otherwise   60  SSL certificate problem  self signed certificate in certificate chain   My code is          create curl resource      ch   curl init            set url     curl setopt  ch  CURLOPT URL   url         return the transfer as a string     curl setopt  ch  CURLOPT RETURNTRANSFER  1            output contains the output string      output   curl exec  ch       if      output            print curl errno  ch         curl error  ch                 close curl resource to free up system resources     curl close  ch        return  output    When I move manually to the link above  I get access token well  Why it doesn t work with curl  Help  please

User · Accepted Answer

Answers suggesting to disable CURLOPT SSL VERIFYPEER should not be accepted  The question is  Why doesn t it work with cURL   and as correctly pointed out by Martijn Hols  it is dangerous   The error is probably caused by not having an up-to-date bundle of CA root certificates  This is typically a text file with a bunch of cryptographic signatures that curl uses to verify a host   s SSL certificate    You need to make sure that your installation of PHP has one of these files  and that it   s up to date  otherwise download one here  http   curl haxx se docs caextract html    Then set in php ini   curl cainfo    lt absolute path to gt  cacert pem   If you are setting it at runtime  use   curl setopt   ch  CURLOPT CAINFO  dirname   FILE      cacert pem

User · Answer

If the SSL certificates are not properly installed in your system  you may get this error      cURL error 60  SSL certificate problem  unable to get local issuer   certificate    You can solve this issue as follows   Download a file with the updated list of certificates from https   curl haxx se ca cacert pem  Move the downloaded cacert pem file to some safe location in your system  Update your php ini file and configure the path to that file

User · Answer

Important  This issue drove me crazy for a couple days and I couldn t figure out what was going on with my curl  amp  openssl installations  I finally figured out that it was my intermediate certificate  in my case  GoDaddy  which was out of date  I went back to my godaddy SSL admin panel  downloaded the new intermediate certificate  and the issue disappeared  I m sure this is the issue for some of you  Apparently  GoDaddy had changed their intermediate certificate at some point  due to scurity issues  as they now display this warning   quot Please be sure to use the new SHA-2 intermediate certificates included in your downloaded bundle  quot  Hope this helps some of you  because I was going nuts and this cleaned up the issue on ALL my servers

User · Answer

This workaround is dangerous and not recommended  curl setopt  ch  CURLOPT SSL VERIFYPEER  false    It s not a good idea to disable SSL peer verification  Doing so might expose your requests to MITM attackers  In fact  you just need an up-to-date CA root certificate bundle  Installing an updated one is as easy as   Downloading up-to-date cacert pem file from cURL website and  Setting a path to it in your php ini file  e g  on Windows  curl cainfo c  php cacert pem   That s it  Stay safe and secure

User · Answer

Error  SSL certificate problem  self signed certificate in certificate   chain   Solution  curl setopt  ch  CURLOPT URL   url   curl setopt  ch  CURLOPT HTTPHEADER   headers   curl setopt  ch  CURLOPT SSL VERIFYHOST  0       curl setopt  ch  CURLOPT SSL VERIFYPEER  0   curl setopt  ch  CURLOPT FAILONERROR  1   curl setopt  ch  CURLOPT RETURNTRANSFER  1   curl setopt  ch  CURLOPT POST  1   curl setopt  ch  CURLOPT POSTFIELDS   data

[php] Curl error 60, SSL certificate issue: self signed certificate in certificate chain

Examples related to php

Examples related to curl

Examples related to oauth

Examples related to vk