cURL error 60: SSL certificate: unable to get local issuer certificate
Working solution assuming your on Windows using XAMPP:
XAMPP server
- Similar for other environment
- download and extract for cacert.pem here (a clean file format/data)
- Put it here in the following directory.
C:\xampp\php\extras\ssl\cacert.pem
- In your php.ini put this line in this section ("c:\xampp\php\php.ini"):
;;;;;;;;;;;;;;;;;;;;; php.ini Options ;;;;;;;;;;;;;;;;;;;;;curl.cainfo = "C:\xampp\php\extras\ssl\cacert.pem"
Restart your webserver/apache
Problem solved!
Attention Wamp/Wordpress/windows users. I had this issue for hours and not even the correct answer was doing it for me, because i was editing the wrong php.ini file because the question was answered to XAMPP and not for WAMP users, even though the question was for WAMP.
here's what i did
Download the certificate bundle.
Put it inside of C:\wamp64\bin\php\your php version\extras\ssl
Make sure the file mod_ssl.so
is inside of C:\wamp64\bin\apache\apache(version)\modules
Enable mod_ssl
in httpd.conf
inside of Apache directory C:\wamp64\bin\apache\apache2.4.27\conf
Enable php_openssl.dll
in php.ini
. Be aware my problem was that I had two php.ini files and I need to do this in both of them. First one can be located inside of your WAMP taskbar icon here.
and the other one is located in C:\wamp64\bin\php\php(Version)
find the location for both of the php.ini
files and find the line curl.cainfo =
and give it a path like this
curl.cainfo = "C:\wamp64\bin\php\php(Version)\extras\ssl\cacert.pem"
Now save the files and restart your server and you should be good to go
If you are using PHP 5.6 with Guzzle, Guzzle has switched to using the PHP libraries autodetect for certificates rather than it's process (ref). PHP outlines the changes here.
Finding out Where PHP/Guzzle is Looking for Certificates
You can dump where PHP is looking using the following PHP command:
var_dump(openssl_get_cert_locations());
Getting a Certificate Bundle
For OS X testing, you can use homebrew to install openssl brew install openssl
and then use openssl.cafile=/usr/local/etc/openssl/cert.pem
in your php.ini or Zend Server settings (under OpenSSL).
A certificate bundle is also available from curl/Mozilla on the curl website: https://curl.haxx.se/docs/caextract.html
Telling PHP Where the Certificates Are
Once you have a bundle, either place it where PHP is already looking (which you found out above) or update openssl.cafile
in php.ini. (Generally, /etc/php.ini
or /etc/php/7.0/cli/php.ini
or /etc/php/php.ini
on Unix.)