When attempting to use cURL to send a request to a URL that requires SSL, an error message indicating a "self-signed certificate in certificate chain" may be encountered.
This error occurs because cURL is unable to verify the SSL certificate presented by the remote server. This can happen if the certificate is self-signed, meaning it is not issued by a trusted certificate authority (CA).
To resolve this issue, you can manually disable cURL's SSL certificate verification. However, this is not recommended as it can compromise the security of your application.
Instead, you should ensure that the PHP installation used by cURL has a valid bundle of CA root certificates. This bundle is used by cURL to verify the authenticity of the server's SSL certificate.
You can download an up-to-date CA root certificate bundle from here: http://curl.haxx.se/docs/caextract.html
Once downloaded, configure PHP to use the bundle by setting the curl.cainfo option in php.ini to the absolute path of the certificate file.
curl.cainfo = <absolute_path_to>/cacert.pem
Alternatively, you can configure the CA certificate at runtime using the CURLOPT_CAINFO option:
curl_setopt($ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");
By providing a valid CA root certificate bundle, cURL will be able to verify the server's SSL certificate and establish a secure connection.
The above is the detailed content of How to Fix cURL Error 60: SSL Certificate Problems?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
