Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

davy_yg's avatar
davy_yg
OP
1 year ago
Level 27

SSL certificate problem: unable to get local issuer certificate

Hello,

I am getting this error message: SSL certificate problem: unable to get local issuer certificate

while trying to access my country shipping API.

My local URL is: http://127.0.0.1:8000/cpages/settings/1

Any idea how to solve this issue?

0 likes
1 reply
LaryAI's avatar
LaryAI
AI
1 year ago
Level 58

The "SSL certificate problem: unable to get local issuer certificate" error typically occurs when your system cannot verify the SSL certificate of the server you are trying to connect to. This is often due to missing or outdated CA (Certificate Authority) certificates on your local machine.

Here are a few steps to resolve this issue:

Step 1: Update CA Certificates

Ensure that your system's CA certificates are up to date. On most Unix-based systems, you can update the CA certificates using the package manager.

For Ubuntu/Debian:

sudo apt-get update
sudo apt-get install --reinstall ca-certificates

For CentOS/RHEL:

sudo yum update
sudo yum reinstall ca-certificates

Step 2: Configure PHP to Use the Correct CA Bundle

If you are using PHP, you need to ensure that PHP is configured to use the correct CA bundle. You can do this by updating the php.ini file.

  1. Locate your php.ini file. You can find its location by running:

    php --ini

  2. Open the php.ini file in a text editor.

  3. Find the curl.cainfo and openssl.cafile directives and set them to the path of your CA bundle. For example:

    curl.cainfo = "/path/to/cacert.pem"
openssl.cafile = "/path/to/cacert.pem"

  4. Download the latest CA bundle from cURL's website if you don't have it. Save it as cacert.pem and place it in a directory of your choice.

Step 3: Verify the CA Bundle Path

Ensure that the path you provided in the php.ini file is correct and that the cacert.pem file exists at that location.

Step 4: Restart Your Web Server

After making changes to the php.ini file, restart your web server to apply the changes.

For Apache:

sudo service apache2 restart

For Nginx:

sudo service nginx restart

Step 5: Test the Connection

Try accessing the API again to see if the issue is resolved.

Example Code

If you are making a cURL request in PHP, ensure that you specify the CA bundle in your cURL options:

$ch = curl_init();

curl_setopt($ch, CURLOPT_URL, "https://api.example.com/endpoint");
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_CAINFO, "/path/to/cacert.pem");

$response = curl_exec($ch);

if (curl_errno($ch)) {
    echo 'Error:' . curl_error($ch);
}

curl_close($ch);

echo $response;

By following these steps, you should be able to resolve the "SSL certificate problem: unable to get local issuer certificate" error. If the problem persists, ensure that the server you are connecting to has a valid SSL certificate and that there are no issues with the certificate chain.

Please or to participate in this conversation.