How to fix "SSL certificate problem: self signed certificate in certificate chain" error?
Probably you don't have correct CA certificates available in the container, so TLS connections can't be verified.
Try to install ca-certificates
package (package may have a different name, it depends on the used distribution).
UPDATE:
Your company inspects TLS connections in the corporate network, so original certificates are replaced by your company certificates. You need to add your company CA certificate to root CA certificates.
Linux (Ubuntu, Debian):
- copy company CA certificate to dir
/usr/local/share/ca-certificates/
- run
sudo update-ca-certificates
If your host OS has already preconfigured CA certs correctly (company CA certs included), then you can just mount them as a volume to the container:
docker run \ -v /etc/ssl/certs/ca-certificates.crt:/etc/ssl/certs/ca-certificates.crt \ ...
Typical CA certs locations:
/etc/ssl/certs/ca-certificates.crt
Debian/Ubuntu/Gentoo etc./etc/pki/tls/certs/ca-bundle.crt
Fedora/RHEL 6/etc/ssl/ca-bundle.pem
OpenSUSE/etc/pki/tls/cacert.pem
OpenELEC/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
CentOS/RHEL 7
I was using this code to send cUrl request, It did not worked and throw this error:
SSL certificate problem: self signed certificate in certificate chain php curl
curl_setopt($ch, CURLOPT_URL, "https://test.example.com/v1/authenticate.json?api_key=123456");curl_setopt($ch, CURLOPT_HEADER, 0);curl_setopt($ch,CURLOPT_SSL_VERIFYHOST,0);curl_setopt($ch,CURLOPT_SSL_VERIFYPEER,1);curl_setopt($ch, CURLOPT_POSTFIELDS, $data);curl_setopt($ch, CURLOPT_FAILONERROR, true);curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);curl_setopt($ch,CURLOPT_CAINFO,'cert.embedapp.20191004.pem');curl_setopt($ch,CURLOPT_CAPATH,'./cert.embedapp.20191004.pem');
After trying everything, I have changed my cUrl request to:
curl_setopt($ch, CURLOPT_URL, "https://test.example.com/v1/authenticate.json?api_key=123456"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);curl_setopt($ch, CURLOPT_SSL_VERIFYHOST,0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER,0);curl_setopt($ch, CURLOPT_FAILONERROR, true);curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);curl_setopt($ch, CURLOPT_POST, 1);curl_setopt($ch, CURLOPT_POSTFIELDS, $data); curl_setopt($ch, CURLOPT_SSLCERT,'cert.embedapp.20191004.pem');
Finally it works for me :)