Get your FREE copy of "The Ultimate Guide of SSL"

Download Ebook

How to Fix: “SSL Certificate Problem Unable to get Local Issuer Certificate” Error

Guide to Solve Unable to get Local Issuer Certificate

Are you the one who has received the message “SSL certificate problem: unable to get local issuer certificate” during the execution of a cURL request for a secure HTTPS destination? If yes, then there’s no need to worry, though it’s not common, sometimes this error occurs.

First, let’s see what the main cause for this error is to occur, and later on, we will see how to solve it.

The main reason for this error to occur is when you are using client SSL and you try to make a request of secured HTTPS source, for which you have to share an SSL/TLS Certificate for the verification of your identity. During this time, if the root certificate doesn’t work properly, then it may cause this error.

To fix this SSL Certificate Problem: Unable to get Local Issuer Certificate, three different solutions are available, from which one will definitely work with the majority of people.

For .PEM Format:

Editing php.ini (Keep SSL)

  1. Download cacert.pem from
  2. Now, copy cacert.pem into your version of zend/openssl. For example, ‘/usr/local/openssl0.9.8/certs/cacert.pem’.
  3. Open php.ini file and make the modification in the CURL configuration by adding "cainfo = ‘/usr/local/openssl-0.9.8/certs/cacert.pem"
  4. Restart your PHP and see whether the CURL is able to read HTTPS URL or not.

No need to Edit php.ini:

Add below code while maintaining SSL.
$ch = curl_init();
$certificate_location = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’;
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $certificate_location);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $certificate_location);

Disable SSL (Not Advisable)

Enter below code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
From the above three, one will work and it will solve the message “SSL certificate problem: unable to get local issuer certificate.”

For .CRT Format:

Get the SSL bundle – ca-bundle.crt

For getting the SSL bundle, go to the below URL, copy and save the content on your server. The destination where you save doesn’t make much difference, but it is recommended to save it near the top level of the server.

For Eg.: C:/xampp/htdocs/_certs/ca-bundle.crt

Editing php.ini File

To know where the File is located you have to edit the php.ini file. For example, in XAMP, you can get to the php.ini file through the Config button in the control panel of XAMP, whereas, it’s possible for other servers to have php.ini files in some other locations, but mostly it’s found in the /etc directory.

Once you find, add or update with below lines into that file:

[CA Certs]
Note: Path must match with the file where it’s saved

Restarting PHP

Once you complete the step mentioned above, restart the PHP. Though, different servers may trigger PHP restart differently. For example, in XAMP, turn off Apache and then turn on via the control panel for the XAMP. If you’re using Linux servers, then you can try the below command.
service php5-fpm restart

Related SSL Error Articles:

Disclosure: AboutSSL appreciates your continuous support. It helps us tremendously to keep moving in the competitive SSL industry. Here most of the links which direct you to buy any SSL/TLS related service or products earns us a certain percentage of referral commission. Learn More