Fixing Curl Error 60: SSL Certificate Issue with Self-Signed Certificates
When making a curl request to a secure website using a self-signed SSL certificate, an error message "Curl error 60: SSL certificate problem: self signed certificate in certificate chain" might appear. This error indicates that cURL is unable to validate the server's SSL certificate, potentially due to an outdated certificate bundle.
Solution:
Obtain and Install an Updated CA Root Certificate Bundle
Download the latest bundle of CA root certificates from http://curl.haxx.se/docs/caextract.html and install it in the appropriate location specified in PHP's php.ini file:
curl.cainfo = <absolute_path_to> cacert.pem
Set CURLOPT_CAINFO Option
During runtime, set the CURLOPT_CAINFO option for the curl resource to the full path of the installed certificate bundle:
curl_setopt ($ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");
These steps will update cURL's certificate validation mechanism and allow it to accept self-signed SSL certificates, resolving the Curl error 60.
Note:
It's crucial to use and maintain an up-to-date CA root certificate bundle for secure cURL communication. Avoid disabling SSL certificate verification, as it compromises the security of your requests.
The above is the detailed content of How to Resolve Curl Error 60: Self-Signed SSL Certificate Issues?. For more information, please follow other related articles on the PHP Chinese website!
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
