Tips for solving an uncommon SSL/TLS error – “SSL Certificate Problem: Unable to get Local Issuer Certificate”
While executing a cURL request to a secure HTTPS destination, have you ever received the message “SSL certificate problem: unable to get local issuer certificate?”
And do you keep getting the same “SSL certificate problem: “unable to get local issuer certificate” message no matter how much you change your cURL request or verify your URL?
In this article, we’ll give you the prime cause for this error and show you how to fix the “SSL certificate problem: unable to get local issuer certificate” error.
Cause of SSL Certificate Problem: Unable to get Local Issuer Certificate
The common cause behind “Cause of SSL Certificate Problem: Unable to get Local Issuer Certificate” is an error that causes misconfiguration while sending all the root and intermediate certificates to the webserver correctly at the time of SSL/TLS communication between the client and the server.
In some cases, when you’re using client SSL certificates, when you make a request to a secure HTTPS source, you have to share an SSL certificate to verify your identity. As such, if you come across the “SSL certificate problem: unable to get local issuer certificate” error, it’s an indication that the root certificates on the system are not working correctly.
Read on to find out how to troubleshoot “SSL certificate problem: unable to get local issuer certificate”.
Buy Cheap Wildcard SSL Certificates
Solutions to SSL Certificate Problem: Unable to get Local Issuer Certificate
You have three primary solutions for the “SSL certificate problem: unable to get local issuer certificate” error.
1. Change php.ini (Maintain SSL)
- Go to http://curl.haxx.se/ca/cacert.pem and download cacert.pem.
- Copy cacert.pem to your version of openssl/zend, such as ‘/usr/local/openssl-0.9.8/certs/cacert.pem’.
- In your php.ini file, modify the CURL configuration by adding “cainfo = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’”
- Restart PHP and see if CURL is able to read HTTPS URL now.
2. Don’t Change php.ini (Maintain SSL)
Enter the following code:
$ch = curl_init();
$certificate_location = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’;
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $certificate_location);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $certificate_location);
3. Disable SSL (Not Recommended)
Enter the following code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
One of these solutions is bound to work for you and you will no longer encounter the message “SSL certificate problem: unable to get local issuer certificate”.
Secure a Website with Trusted SSL Certificates
Buy or renew major SSL brands SSL certificate and you can save up to 89% on all types of SSL certificates like DV, OV, EV, Wildcard, and Multi-Domain SSL Certificates.
Buy HTTPS Certificates at $5.45 Per Year
