SSL Certificate Problem Unable To Get Local Issuer Certificate


How to Fix: “SSL Certificate Problem Unable to get Local Issuer Certificate” Error

Guide to Solve “SSL Certificate Problem Unable to get Local Issuer Certificate”

Are you the one who received the message “SSL certificate problem: unable to get local issuer certificate” during the execution of a secure HTTPS destination request for a cURL? If yes, then there’s no need to worry, although it’s not common, this error happens sometimes.

First, let’s see what is the main cause for this error, and then we’ll see how to solve it later.

The main reason for this error is when you’re using SSL client and you’re trying to make a secure HTTPS source request, for which you need to share an SSL / TLS Certificate to verify your identity. If the root certificate does not work properly during this time, then this may cause this error.

To fix this SSL Certificate problem: Incapable of obtaining Local Issuer Certificate, there are three different solutions available from which one will definitely work with most people.

For .PEM Format:

Editing php.ini (Keep SSL)

  1. In https:/, download cacert.pem
  2. Copy cacert.pem into your Zend / openssl version now. ‘/usr / local / openssl0.9.8 / certs / cacert.pem’ for example.
  3. Open php.ini file and make the CURL configuration modification by adding “cainfo = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’
  4. Reboot your PHP and see if the CURL can or can not read the HTTPS URL.

No need to Edit php.ini:

Add below code while maintaining SSL.
$ch = curl_init();
$certificate_location = ‘/usr/local/openssl-0.9.8/certs/cacert.pem’;
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $certificate_location);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $certificate_location);

Disable SSL (Not Advisable)

Enter below code:
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);

From the three above, one will work and it will solve the message “SSL certificate issue: unable to obtain certificate from local issuer.”

For Format .CRT:

Get the bundle from SSL-ca-bundle.crt

To get the SSL bundle, go to the URL below, copy the content and save it to your server. The destination you are saving does not make a big difference, but it is recommended to save it near the server’s top level.

For Eg.: C:/xampp/htdocs/_certs/ca-bundle.crt

Editing php.ini File

You need to edit the php.ini file to know where the File is located. For example, in XAMP, you can get to the php.ini file via the Config button in the XAMP control panel, whereas in some other locations it is possible for other servers to have php.ini files, but mostly it is in the /etc directory.

Upon finding, adding or updating this file with the lines below:

[CA Certs]

Note: Path must match with the file where it’s saved

Restarting PHP

Once the above mentioned step is complete, restart the PHP. Although different servers may have different triggers for PHP restarting. For example, turn off Apache in XAMP, and then switch on for XAMP via the control panel. If you use Linux servers then try the command below.

service php5-fpm restart