Getting a Curl error when trying to update plugins in Local

When I try to update the Delicious Brains plugins, I’m getting a CURL error which I think is tied to the SSL issue. This happens on every site in Local. I check the version of OpenSSL using the site shell and it looks like Local is using:
OpenSSL 1.0.2u 20 Dec 2019

Delicious Brains is saying that OpenSSL version 1.1.x is required to fix the root certificate issue. Can OpenSSL be updated?

When trying to add a license Key into ACF I get this error.

Error. Could not connect to update server (cURL error 60: SSL certificate problem: certificate has expired).

I had to manually trust the certificate. But still nothing.
This error happens on work and personal computer.

macOS Big Sur
version 11.6

Local
Version 6.1.4+5521

I tried to update the OpenSSL version, didnt fix anything.

$ brew install openssl@1.1
$ /usr/local/opt/openssl/bin/openssl version
OpenSSL 1.1.1g 24 Apr 2021

Hi everyone,

I had the same issue on all Local sites and found a solution from Wordpress Core Trac:
https://core.trac.wordpress.org/ticket/54207

Apparently, Wordpress’ certificate bundle contains an expired certificate (“DST Root CA X3” - expired on 30.09.2021).

Hotfix:
Just in case, make a backup of the file /wp-includes/certificates/ca-bundle.crt. In order to fix the curl error, you can now safely remove the “DST Root CA X3” certificate block from the cert file. Save the file and the curl error should disappear.

Important Note: This is NOT update-proof and will be overwritten if you update / reinstall Wordpress. Hopefully, this fix will be in WordPress 5.8.2, as proposed by the trac ticket.

Suggestion for the Local Team:
Provide an update to a recent, actively supported version of OpenSSL, or switch to the “better” alternative LibreSSL, if possible, to provide better long-term stability.

I hope this helps!

Thanks,
Henning

3 Likes

This is great feedback @henning and thanks for linking to the Trac ticket!

@kevinman12345 – Since you’re on a Mac, If @henning 's solution doesn’t work for you, I’d be curious to know if the solution of updating the cert.pem file system wide works. See the solution in this topic:

1 Like

I tried the other method first before this wp-includes cert modification. And that did not work on my Mac running Big Sur

Can you describe in a little more detail what you are experiencing? Where are you seeing the error? What is the exact error that is showing?

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.