cURL Error #:SSL certificate problem: unable to get local issuer certificate

Issue Summary

Hi,
I get the error message “cURL Error #:SSL certificate problem: unable to get local issuer certificate”
when trying to connect to an API.(see screen copy)

The API works well when tested through Insomnia, so it is correct.
I have trusted test.local.crt (see screen copy

Troubleshooting Questions

• Does this happen for all sites in Local, or just one in particular?
  All

• Are you able to create a new, plain WordPress site in Local and access it in a Browser?
  YES

Replication

Describe the steps that others can take to replicate this issue. If you have screenshots that can help clarify what is happening, please include them!

==> start the site named test
==> a shortcode is running an API Get request to connect to an https website
==> notice that the php function is correct (copy/paste from Insomnia and tested with Insomnia)
==> the return of the request displays the cURL error on the screen

System Details

• Which version of Local is being used?
  5.10.3

• What Operating System (OS) and OS version is being used?

  • Windows 10 Personal

• Attach the Local Log. See this Community Forum post for instructions on how to do so:

  • How do I retrieve Local’s Log?
    
    

    local1558×622 20.6 KB
    

    local21082×898 42.1 KB
    local-lightning.log (190.5 KB)

Hey @geve2009 – Welcome to the Local Community Forums!

This is a part of Local that I think could use some improvements, so I’ll see what I can do in terms of advocating for a better workflow with it.

In terms of what’s going on – this error:

cURL Error #:SSL certificate problem: unable to get local issuer certificate

Basically, this error is telling us that cURL can’t create a secure HTTPS connection to whatever site it’s trying to connect to. More generally, you can think of this as WordPress not being able to make a secure connection to your API.

The reason that clicking the “Trust” button in Local isn’t helping resolve this error is because Local’s trust button is only registering the site’s SSL certificate with the computer’s browsers. This button doesn’t do anything in terms of managing the ssl configuration that WordPress uses to make external requests.

This StackOverflow answer does a good job of outlining the general meaning of the above error:

In that answer, it mentions:

The error is probably caused by not having an up-to-date bundle of CA root certificates. This is typically a text file with a bunch of cryptographic signatures that curl uses to verify a host’s SSL certificate.

You need to make sure that your installation of PHP has one of these files, and that it’s up to date (otherwise download one here: curl - Extract CA Certs from Mozilla).

You could probably go down a pretty deep rabbit hole trying to get this work using the recommendation in that answer, but the thing is, WordPress does a lot of great things to help cover these edge cases as long as you’re using the HTTP API.

Using a function like wp_remote_get() to make your calls should help.

In your code, are you using your own functions to make the request, or are you using WordPress’ HTTP api?

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.