Getting a Curl error when trying to update plugins in Local

mikemuller · October 5, 2021, 2:34pm

When I try to update the Delicious Brains plugins, I’m getting a CURL error which I think is tied to the SSL issue. This happens on every site in Local. I check the version of OpenSSL using the site shell and it looks like Local is using:
OpenSSL 1.0.2u 20 Dec 2019

Delicious Brains is saying that OpenSSL version 1.1.x is required to fix the root certificate issue. Can OpenSSL be updated?

kevinman12345 · October 6, 2021, 9:17am

When trying to add a license Key into ACF I get this error.

Error. Could not connect to update server (cURL error 60: SSL certificate problem: certificate has expired).

I had to manually trust the certificate. But still nothing.
This error happens on work and personal computer.

macOS Big Sur
version 11.6

Local
Version 6.1.4+5521

kevinman12345 · October 6, 2021, 9:18am

I tried to update the OpenSSL version, didnt fix anything.

$ brew install openssl@1.1
$ /usr/local/opt/openssl/bin/openssl version
OpenSSL 1.1.1g 24 Apr 2021

henning · October 6, 2021, 12:37pm

Hi everyone,

I had the same issue on all Local sites and found a solution from Wordpress Core Trac:
https://core.trac.wordpress.org/ticket/54207

Apparently, Wordpress’ certificate bundle contains an expired certificate (“DST Root CA X3” - expired on 30.09.2021).

Hotfix:
Just in case, make a backup of the file /wp-includes/certificates/ca-bundle.crt. In order to fix the curl error, you can now safely remove the “DST Root CA X3” certificate block from the cert file. Save the file and the curl error should disappear.

Important Note: This is NOT update-proof and will be overwritten if you update / reinstall Wordpress. Hopefully, this fix will be in WordPress 5.8.2, as proposed by the trac ticket.

Suggestion for the Local Team:
Provide an update to a recent, actively supported version of OpenSSL, or switch to the “better” alternative LibreSSL, if possible, to provide better long-term stability.

I hope this helps!

Thanks,
Henning

ben.turner · October 6, 2021, 5:35pm

This is great feedback @henning and thanks for linking to the Trac ticket!

@kevinman12345 – Since you’re on a Mac, If @henning 's solution doesn’t work for you, I’d be curious to know if the solution of updating the cert.pem file system wide works. See the solution in this topic:

sebastian · November 9, 2021, 7:16pm

I tried the other method first before this wp-includes cert modification. And that did not work on my Mac running Big Sur

ben.turner · November 10, 2021, 6:46pm

Can you describe in a little more detail what you are experiencing? Where are you seeing the error? What is the exact error that is showing?

system · February 8, 2022, 6:47pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Old Solution to cUrl 60 error no longer valid in Lightning (MacOS) Support mac , ssl-certificates , mac-catalina	3	1626	September 14, 2020
Expired SSL certificate Support ssl-certificates , live-links , dst-root-ca-x3	13	3272	October 8, 2021
SSL certificate problem: certificate has expired' (60) Support	1	665	January 13, 2022
Certificate Issues and curl errors Support ssl-certificates	1	848	May 25, 2020
cURL Error #:SSL certificate problem: unable to get local issuer certificate Support	2	6156	June 30, 2021

Getting a Curl error when trying to update plugins in Local

Related topics