cURL error when accessing SSL Local Site

I’m trying to connect to the WP REST API over HTTPS and don’t have any issue when doing so through the browser. However, when I try to make a cURL request, I get the following error:

curl: (60) SSL certificate problem: self signed certificate

Is there a way I can fix this? I’m wondering if I need to whitelist the Local by Flywheel certs? Any help much appreciated.

Thanks!
Hughie

1 Like

Hi Hughie,

Please let me know if the steps in my post here fix that issue: PHP 5.6 and Twilio SDK

Hey Clay!

Yeah, already tried that and quite a few other things. I’m currently setting all cURL requests to insecure with a .curlrc file to try to find a workaround but am now getting this error:

“http_request_failed”:[“cURL error 7: Failed to connect to site.local port 443: Connection refused”

Any thoughts?

Thanks!
Hughie

Interesting! :thinking:

Can you explain the set up in a little more detail? Mainly the relationship of the sites that you are making the requests from.

Also, where and how are you running the curl command? Are you using the site SSH functionality and running it in there?

We’re basically sending/requesting data between individual local instances through the WP REST API , I’m getting this error only on GET requests. After looking at the docker container shell, I don’t think that nginx is listening for port 443. Ran the following:

root@caa3a1e04011:/# ss -tnlp | grep :80
LISTEN 0 128 *:80 : users:((“nginx”,pid=1058,fd=6))
root@caa3a1e04011:/# ss -tnlp | grep :443
root@caa3a1e04011:/#

So it seems like nginx on the container isn’t listening for port 443? Also, I ran the curl command locally (not on the container), when trying to curl on the container it’s not a recognized command.

Ah, yes! HTTPS is only handled on the router layer for the sake of simplicity and speed.

There’s a Docker container that sits in front of all of the Local containers to reverse proxy to the appropriate port for the site.

When you connect using HTTPS, it establishes the handshake on the router but the router still reverse proxies to the site container using the HTTP port.

Considering this, you may have better luck connecting to the other Local site containers without encryption.

Ahhh, that makes more sense. Yeah, the issue is that we need to replicate TLS in our local development environments to mirror all of our production sites.

Hi @hughie,

I did some testing and you can get it to loop back through the router from inside another container. Here’s what I did:

  1. Right-click on the site and go to “Open Site SSH”
  2. Enter /sbin/ip route|awk '/default/ { print $3 }' and copy the IP
  3. Type nano /etc/hosts and add a new line at the bottom for the site you’re trying to access. It should look something like 172.17.0.1 test-1.dev. Use the IP from above.
  4. Test the connection. Please note that the certificate is still self-signed so you’ll need to put it into insecure mode.
1 Like

Hi @clay, sorry to bump this old post, but I’ve got the same issue.

The fix you posted does work, thanks, however, this resets each time you restart the local machine, which is a big pain in the rear as it has to be repeated over and over every time you launch the software :frowning:

Is there any way you can push a fix for this?

I use cURL on a daily basis, as I’m sure many other people do (many plugins use it as well) and it’s preventing me from working with Local.

Thank you for your time!

@solidpixel,

Can you share how you’re using cURL with Local?

Also, when you have time, can you retrieve the error that you’re seeing if it’s different than curl: (60) SSL certificate problem: self signed certificate?

Thanks for the feedback!

Hi @clay thanks for your reply! I love Local, it’s amazing, and I can’t wait for a premium version!

cURL is being used by BackupBuddy plugin, which allows you to pull/push the database between the local and live environment.

All is good when I push from local to live, but when I pull from live to local, the plugin throws these errors:

This is related to HTTP Loopbacks:

Error: Error #9038: Loopback test error: `cURL error 7: Failed to connect to deleteme.test port 443: Connection refused`. URL: `https://deleteme.test/wp-admin/admin-ajax.php?action=itbub_http_loop_back_test&serial=iphgm0h1zs76yau`. If you need to contact your web host, tell them that when PHP tries to connect back to the site at the URL `https://deleteme.test/wp-admin/admin-ajax.php?action=itbub_http_loop_back_test&serial=iphgm0h1zs76yau` via curl (or other fallback connection method built into WordPress) that it gets the error `cURL error 7: Failed to connect to deleteme.test port 443: Connection refused`. This means that WordPress' built-in simulated cron system cannot function properly, breaking some WordPress features & subsequently some plugins. There may be a problem with the server configuration (eg local DNS problems, mod_security, etc) preventing connections from working properly.

And this other one related to wp-cron.php Loopbacks:

Active wp-cron.php loopback test failure: `cURL error 7: Failed to connect to deleteme.test port 443: Connection refused`. URL: `https://deleteme.test/wp-cron.php?doing_wp_cron=1521709578.9165461063385009765625`. If you need to contact your web host, tell them that when PHP tries to connect back to the site at the URL `https://deleteme.test/wp-cron.php?doing_wp_cron=1521709578.9165461063385009765625` via curl (or other fallback connection method built into WordPress) that it gets the error `cURL error 7: Failed to connect to deleteme.test port 443: Connection refused`. This means that WordPress' built-in simulated cron system cannot function properly, breaking some WordPress features & subsequently some plugins. There may be a problem with the server configuration (eg local DNS problems, mod_security, etc) preventing connections from working properly.

These two errors both go away if I stop using SSL (replace https:// with http:// in WP settings)

Hope this helps you debugging the issue!

Edit: I forgot to mention that I’m running Local on a Windows 10 machine with all the latest updates installed, no 3d party firewalls or antivirus, but I’m indeed using Windows Defender (could that be the issue?)

Thanks and have a nice day,
Alessandro

Awesome, I really appreciate all of the information!

I’ve noted your details in our issue tracker and I’ll be sure that we test BackupBuddy when we make improvements to how Local handles HTTPS. :smiley:

1 Like

I’m also seeing this cURL error when viewing cron events when using the WP Crontrol plugin to manage cron events. The message I see is:

There was a problem spawning a call to the WP-Cron system on your site. This means WP-Cron events on your site may not work. The problem was:
cURL error 7: Failed to connect to mydomain.local port 443: Connection refused

Please implement a permanent way to address this cURL issue in Local without having to repeatedly add the tweak mentioned earlier. Thank you.

1 Like

that’s good! :grin: