How to Fix: “SSL Certificate Problem Unable to get Local Issuer Certificate” Error

1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 5.00 out of 5)
Loading...

Step-by-Step Guide to Solve ” SSL Certificate Problem Unable to get Local Issuer Certificate “

Are you the one who has received the message “SSL certificate problem: unable to get local issuer certificate” during the execution of a cURL request for a secure HTTPS destination? If yes, then there’s no need to worry, though it’s not common, sometimes this error occurs.

First, let’s see what the main cause for this error is to occur and later on we will see how to solve it.

The main reason for this error to occur is when you are using client SSL and you try to make a request of secured HTTPS source, for which you have to share an SSL/TLS Certificate for the verification of your identity. During this time, if the root certificate doesn’t work properly, then it may cause this error.

To fix this SSL Certificate Problem: Unable to get Local Issuer Certificate, three different solutions are available, from which one will definitely work with the majority of people.

comodologo

Comodo Positive SSL

95% OFF – Comodo Positive SSL Certificate at $6.50

Read More

thawtelogo-verticle

Thawte SSL123 Certificate

75% OFF – Thawte SSL123 Certificate at $42.30

Read More

comodologo

Comodo Positive SSL Multi Domain

95% OFF – Comodo Positive Multi Domain SSL at $17.50 – 2 SAN Included

Read More

For .PEM Format:

Editing php.ini (Keep SSL)

  1. Download cacert.pem from https://curl.haxx.se/ca/cacert.pem
  2. Now, copy cacert.pem into your version of zend/openssl. For example, ‘/usr/local/openssl0.9.8/certs/cacert.pem’.
  3. Open php.ini file and make the modification in the CURL configuration by adding "cainfo = ‘/usr/local/openssl-0.9.8/certs/cacert.pem"
  4. Restart your PHP and see whether the CURL is able to read HTTPS URL or not.

No need to Edit php.ini:

Add below code while maintaining SSL.
$ch = curl_init();
$certificate_location = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’;
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $certificate_location);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $certificate_location);

Disable SSL (Not Advisable)

Enter below code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
From the above three, one will work and it will solve the message “SSL certificate problem: unable to get local issuer certificate.”

For .CRT Format:

Get the SSL bundle – ca-bundle.crt

For getting the SSL bundle, go to the below URL, copy and save the content on your server. The destination where you save doesn’t make much difference, but it is recommended to save it near the top level of the server.

https://raw.githubusercontent.com/bagder/ca-bundle/master/ca-bundle.crt

For Eg.: C:/xampp/htdocs/_certs/ca-bundle.crt

Editing php.ini File

To know where the File is located you have to edit the php.ini file. For example, in XAMP, you can get to the php.ini file through the Config button in the control panel of XAMP, whereas, it’s possible for other servers to have php.ini files in some other locations, but mostly it’s found in the /etc directory.

Once you find, add or update with below lines into that file:

[CA Certs]

curl.cainfo="C:/xampp/htdocs/_certs/ca-bundle.crt"

openssl.cafile="C:/xampp/htdocs/_certs/ca-bundle.crt"

Note: Path must match with the file where it’s saved

Restarting PHP

Once you complete the step mentioned above, restart the PHP. Though, different servers may trigger PHP restart differently. For example, in XAMP, turn off Apache and then turn on via the control panel for the XAMP. If you’re using Linux servers, then you can try the below command.
service php5-fpm restart
Download Site Seal
comodo-trust-seal
SSL Checker