Guide for the “SSL Certificate Problem: Unable to get Local Issuer Certificate”

2 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 52 votes, average: 5.00 out of 5 (2 votes, average: 5.00 out of 5, rated)
Loading...

Tips for solving an uncommon SSL/TLS error – “SSL Certificate Problem: Unable to get Local Issuer Certificate”

While executing a cURL request to a secure HTTPS destination, have you ever received the message “SSL certificate problem: unable to get local issuer certificate?”

And do you keep getting the same “SSL certificate problem: “unable to get local issuer certificate” message no matter how much you change your cURL request or verify your URL?

In this article, we’ll give you the prime cause for this error and show you how to fix the “SSL certificate problem: unable to get local issuer certificate” error.

Cause of SSL Certificate Problem: Unable to get Local Issuer Certificate

In some cases, when you’re using client SSL certificates, when you make a request to a secure HTTPS source, you have to share an SSL certificate to verify your identity. As such, if you come across the “SSL certificate problem: unable to get local issuer certificate” error, it’s an indication that the root certificates on the system are not working correctly.

Read on to find out how to troubleshoot “SSL certificate problem: unable to get local issuer certificate”.

Solutions to SSL Certificate Problem: Unable to get Local Issuer Certificate

You have three primary solutions for the “SSL certificate problem: unable to get local issuer certificate” error.

1. Change php.ini (Maintain SSL)

  • Go to http://curl.haxx.se/ca/cacert.pem and download cacert.pem.
  • Copy cacert.pem to your version of openssl/zend, such as ‘/usr/local/openssl-0.9.8/certs/cacert.pem’.
  • In your php.ini file, modify the CURL configuration by adding “cainfo = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’”
  • Restart PHP and see if CURL is able to read HTTPS URL now.

2. Don’t Change php.ini (Maintain SSL)

Enter the following code:

$ch = curl_init();
$certificate_location = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’;
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $certificate_location);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $certificate_location);

3. Disable SSL (Not Recommended)

Enter the following code:

$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

One of these solutions is bound to work for you and you will no longer encounter the message “SSL certificate problem: unable to get local issuer certificate”.

Read other important SSL certificate blog posts on SSL errors.

Secure a Website with Trusted SSL Certificates

Buy Cheap HTTPS SSL Certificates at $5.88/Yr – 89% Off

How to Fix SEC_ERROR_EXPIRED_CERTIFICATE Error in Firefox
SSL_Error_rx_record_too_long - The Trouble Shooting Guide