Why Does cURL Return Error 60 When Accessing VK, and How Can I Fix It?

Troubleshoot Curl Error 60: Self-Signed Certificate Issue

When attempting to use cURL to retrieve an access token from VK, you may encounter error 60, indicating a self-signed certificate issue in the certificate chain. This error is not related to your APP_ID, APP_SECRET, or code parameters.

Cause of the Error:

The issue stems from an outdated or missing bundle of CA (Certificate Authority) root certificates. cURL uses these certificates to verify host SSL certificates, and if they are not up to date or present, cURL will not trust the certificate presented by the host.

Solution:

To resolve the issue, ensure that your PHP installation has a bundle of CA root certificates and that it is up to date. You can download a bundle from here: http://curl.haxx.se/docs/caextract.html

Once downloaded, configure PHP to use the bundle:

• In php.ini:

curl.cainfo = <absolute_path_to> cacert.pem

• At Runtime:

curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");

Note: Disabling CURLOPT_SSL_VERIFYPEER is not a secure solution and should not be considered.

Additional Troubleshooting:

• Check the file permissions of the cacert.pem file. It should be readable by the PHP process.
• Ensure that the host you are trying to connect to does not have an untrusted or expired SSL certificate. You can verify this manually by browsing to the URL in a web browser.

The above is the detailed content of Why Does cURL Return Error 60 When Accessing VK, and How Can I Fix It?. For more information, please follow other related articles on the PHP Chinese website!