Full Error
RequestException in CurlFactory.php line 187: cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)
Scenario
Before anyone points me to these two laracasts answers: https://laracasts.com/discuss/channels/general-discussion/curl-error-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate
https://laracasts.com/discuss/channels/general-discussion/curl-error-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate/replies/52954
I've already looked at them and that's why I'm here.
The problem I have is that now I have the cacert.pem file BUT it doesn't make sense where to put it, the answers indicate to place the file in my xampp directory and change my php.ini file but I'm not using xampp for anything, I'm using Laravel's artisan server to run my project.
If xampp is not in use, where should I place this file? Moreover, why would an accepted answer be to place it in my xampp directory? I dont understand.
My Exact Question
Where do I place the cacert.pem file to stop this error in laravel 5.4?
Do not ever modify files in the vendor/ folder. Ever. They can and will be overwritten on the next composer update you run.
Here is my Solution for WampServer
I am using PHP 7.1.9 for my WampServer, so change 7.1.9 in the example below to the version number you are currently using.
Download this file: http://curl.haxx.se/ca/cacert.pem
Place this file in the C:\wamp64\bin\php\php7.1.9 folder
Open php.iniand find this line:
;curl.cainfo
Change it to:
curl.cainfo = "C:\wamp64\bin\php\php7.1.9\cacert.pem"
Make sure you remove the semicolon at the beginning of the line.
Save changes to php.ini, restart WampServer, and you're good to go!
A quick solution but insecure (not recommended).
Using cURL:
Set CURLOPT_SSL_VERIYPEER to false
Using Guzzle: Set verify to false, for example
$client->request('GET', 'https://somewebsite.com', ['verify' => false]);
You can use GuzzleHttp\Client:
$client = new Client(['verify' => false]);
Solution suggested by some users to make changes to \vendor\guzzlehttp\guzzle\src\Client.php file is the worst advice, as manual changes made to vendor folder are overwritten if you run composer update command.
Solution suggested by Jeffrey is a dirty, shorthand fix but not recommended in production applications.
Solution suggested by kjdion84 is perfect if you have access to php.ini file on web server. In case you are using Shared Hosting, it may not be possible to edit php.ini file.
When you don't have access to php.ini file (e.g. Shared Hosting)
Download this file: http://curl.haxx.se/ca/cacert.pem or https://curl.se/docs/caextract.html
Place this file in the root folder of your Laravel project.
Add verify key to GuzzleHttp\Client constructor with its value as path to cacert.pem file.
With Laravel 5.7 and GuzzleHttp 6.0
// https://example.com/v1/current.json?key1=value1&key2=value2
$guzzleClient = new GuzzleHttp\Client([
'base_uri' => 'https://example.com',
'verify' => base_path('cacert.pem'),
]);
$response = $guzzleClient->get('v1/current.json', [
'query' => [
'key1' => 'value1',
'key2' => 'value2',
]
]);
$response = json_decode($response->getBody()->getContents(), true);
This was stressfull to figure out but here is the exact answer for people using laravel and have this problem.
My exact application versions are...
Laravel: 5.4
Guzzlehttp: 6.2
Laravel Socialite: 3.0
Download a fresh copy of this curl certificate from this link: https://gist.github.com/VersatilityWerks/5719158/download
Save the file in this path starting from the base root of your laravel application vendor/guzzlehttp/guzzle/src/cacert.pem
next in that same directory open up RequestOptions.php and scroll down to the constant called CERT and change it to this const CERT = 'cacert.pem'; and this should fix it all.
EDIT
As people are pointing out you should never edit the vendor folder, this was just a quick fix for an application I was building in my spare time. It wasn't anything majorly important like an application for my company or anything, use this method at your own risk! Please check out the other answers if you need something more concrete.
I was sending a request from domain X to Y, my problem was with the certificate used on the domain Y (it wasn't a self-signed cert btw), the domain belonged to me & I had the certificate, so the quick fix was to use the domain Y's certificate on domain X's application:
On domain X:
Using Laravel 7 HTTP wrapper:
\Http::withOptions(['verify' => 'path-to-domain-Y-certificate']);
Using guzzle:
new GuzzleHttp\Client(['verify' => 'path-to-domain-Y-certificate']);
OR you could just contact your SSL provider to resolve the issue.
Note: Storing your domain's certificate in another system isn't a secure method, use this method only if you can ensure your certificate's security.
I haven't found what was wrong with the certificate, no browser seemed to have a problem with it, the only problem was generated on laravel using curl.
I had this problem while running Valet and attempting to make an api from one site in valet to another.
Note that i'm working in OSX.
I found the solution here: https://github.com/laravel/valet/issues/460
In short you have to copy the valet pem to the system CA bundle.
Just run this:
cp /usr/local/etc/openssl/cert.pem /usr/local/etc/openssl/cert.pem.bak && cat ~/.config/valet/CA/LaravelValetCASelfSigned.pem >> /usr/local/etc/openssl/cert.pem
I use laragon server and I faced to the same problem. I downloaded ssl certificate from http://curl.haxx.se/ca/cacert.pem and paste it in C:/laragon/etc/ssl/
(if cacert.pem already exists replace it with new one).
restart server and everything is fine
We can set path based on this article on Medium.com How to fix cURL error 60: SSL certificate problem
Steps to follow:
Open http://curl.haxx.se/ca/cacert.pem
Copy the entire page and save it as a “cacert.pem”
Open your php.ini file and insert or update the following line. curl.cainfo = " [pathtofile]cacert.pem"
Another one recently asked for the same problem and it's seems my answer was the solution for him.
Here was the post I mention : URL Post
That's what I said :
I'll be fully honest, I don't know anything about Laravel. But I had
the same problem, so as many other, on Symfony. And so as you I tried
many things without success.
Finally, this solution worked for me : URL solution
It indicates that instead of a certificate problem, it could came
from a environnement non-compatibility. I used XAMPP instead of
WAMP and it worked.
Solved it on my end by disabling verify completely when on debug setting since in this local scenario security is not an issue at all.
$http = new \GuzzleHttp\Client([
'base_uri' => config('services.passport.login_endpoint'),
'verify' => config('app.debug') ? false : true,
'defaults' => [
'exceptions' => false,
]
]);
curl.cainfo = "C:\wamp64\bin\php\php7.1.9\cacert.pem"
I had resolved my problem with wamp.
This happened to me in development with laravel 8 using the default server started by running:
php artisan serve
The solution for me was similar to other answers that require you to download cacert.pem and edit php.ini file. But since I was not using Wamp, I checked the path in my environment variables to find which php installation windows defaulted to and made the changes there.
For php version ^8.1 in wampserver
Download--> https://curl.se/ca/cacert.pem.
Place the cacert.pem file inside C:\wamp64\bin\php\php8.1.0.
Open php.ini and find this line:
;curl.cainfo
Change it to:
curl.cainfo = "C:\wamp64\bin\php\php8.1.0\cacert.pem"
Make sure you remove the semicolon at the beginning of the line.
Save changes to php.ini, restart WampServer64, and you're good to go!
You need to edit the following file in vendor/guzzlehttp/guzzle/src/Client.php
$defaults = [
'allow_redirects' => RedirectMiddleware::$defaultSettings,
'http_errors' => true,
'decode_content' => true,
'verify' => false, // By default this value will be true
'cookies' => false
];
May be security issue was there, but it will work.
for Laravel: The 5 steps below will be helpful
update version to Guzzlehttp: 5.2
find the file under \vendor\guzzlehttp\guzzle\src\Client.php
edit default settings to
protected function getDefaultOptions() {
$settings = [
'allow_redirects' => true,
'exceptions' => true,
'decode_content' => true,
'verify' => getcwd() .'/vendor/guzzlehttp/guzzle/src/cacert.pem'
];
}
download latest file cacert.pem from http://curl.haxx.se/ca/cacert.pem and place under /vendor/guzzlehttp/guzzle/src/
I am trying to connect to the google API from a localhost, but keep on receiving an exception (key changed - in text below).
Warning: file_get_contents(compress.zlib://https://www.googleapis.com/books/v1/volumes?q=Henry+David+Thoreau&filter=free-ebooks&key=bItatTTTTT7amAHYSaROTTTTTbtttuuuuuuuu) [function.file-get-contents]: failed to open stream: operation failed in C:\zendProject\zf2\vendor\google\apiclient\src\Google\IO\Stream.php on line 115
The code I am using in my browser comes straight from the API Guide and reads:
$client = new \Google_Client();
$client->setApplicationName("rent");
$service = new \Google_Service_Books($client);
$optParams = array('filter' => 'free-ebooks');
$results = $service->volumes->listVolumes('Henry David Thoreau', $optParams);
I think my problems relate to the config file, and that fact I am working off the localhost development server.
'Google_Auth_OAuth2' => array(
'application_name' => 'www.example.com',
'client_id' => '4498xxxxx061-3333xxxx9pjcpkbqhoxxxxxxxxxxx.apps.googleusercontent.com',
'client_secret' => '8xxxxxxxxx333xxxxxxxxx',
'redirect_uri' => 'http://localhost',
'developer_key' => 'AxxxxxxzBjpxxxxxaxxxxxxZxxx1xxxxx',
In the new developer console I have created a new client ID for the project and inserted the "Client_id", "Client_secret", etc.
I have also enabled the relevant APIs for Calenders and Books.
I have tested my API key on the URL I found for google fonts - so I am sure I have the right developer key.
I suspect the issue may be around the local host in uri fields, what do I need to put in here?
Does anyone know what I am doing wrong.
UPDATE: I found a post that suggested getting the HTTP response code here:
The response from the server is 304 - not sure if this helps
UPDATE: #Carlos Roubles - was correct I was using the incorrect version. Just in case anyone else runs into this issue - the composer information on the google website appears to be incorrect.
I previously used "google/apiclient": "1.0." this appears in the google documentation. I have now tried "google/apiclient": "1." and this seems to have fixed the problem.
Thats a problem with file_get_contents rather that with the api.
Most people changes file_get_contents to CURL for accesing remote files.
Anyways, i was checking the library and i cannot find any call to file_get_contents in all the stream.php file
https://github.com/google/google-api-php-client/blob/master/src/Google/IO/Stream.php
and in line 115, what we have is a commented line, so what comes to my mind is that yu are not using the last version of the library. Also, i see that in this version they make the request with fopen.
So you can try to update it, and probably this fixes the issue
I've recently taken on the task of making a quick and dirty static html page that will use php to access Twilio and reply with an SMS. I am new to Twilio, and was following this tutorial:
http://www.twilio.com/docs/quickstart/php/sms/sending-via-rest
When that failed I went back to check if I had skipped any steps after downloading the php zip and read over the content in the install page of the Twilio website, but even that didn't make sense, since I have never herd of PEAR and simply downloaded the php zip file and started working.
Now I am not sure if I even installed Twilio correctly(as stated above I just downloaded the zip folder), but I do know I changed the root directory for Wamp as advised by this site:
http://www.ruifeio.com/2011/01/30/change-the-www-root-directory-on-wampserver/
since all the tutorials said it was ok to use WAMP and because I had it already in my machine:
However, even after making that change, correctly I hope, I can't seem to get Twilio to send me a text.
My code is basically a copy and paste job from the tutorial I've listed above, it looks as follows:
<?php
require "C:\Users\Kevin\Marco Polo\\twilio-php-master\Services\Twilio.php";
$AccountSid = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx";
$AuthToken = "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy";
$client = new Services_Twilio($AccountSid, $AuthToken);
$people = array(
"+13466033189" => "Kevin",
"+16462805711" => "Loca",
"+17188390403" => "Stefa",
"+17183405728" => "Sweet Chocolate Man"
);
foreach($people as $number => $name){
$sms = $client->account->sms_messages->create(
"732-704-799",
$number,
"Hey $name, YOLO!!!! -Nick R. :P
P.S. do not reply"
);
echo "Sent message to $name";
}
?>
EDIT
After making the changes suggest by #Brainless Box and #CaseySoftware I was about to get rid of one error and only have three
The three errors are, in chronological order, as follows:
Warning: file_get_contents(): ailed to open stream: HTTP request failed! HTTP/1.1 400 Bad Request in C:\Users\Kevin\Marco Polo\twilio-php-master\Services\Twilio\HttpStream.php on line 61
Fatal error: Uncaught exception 'Services_Twilio_HttpStreamException' with message 'Unable to connect to service' in C:\Users\Kevin\Marco Polo\twilio-php-master\Services\Twilio\HttpStream.php on line 64
Services_Twilio_HttpStreamException: Unable to connect to service in C:\Users\Kevin\Marco Polo\twilio-php-master\Services\Twilio\HttpStream.php on line 64
I am all very new to this and hardly understand what is going on and where I went wrong and whether the mistake is in my code or in my installation of Twilio. If someone can lend me a hand that would be great.
Thanks Everyone :)
You don't have the SSL extension enabled in your Wamp configuration; to enable the extension, go to your WAMP directory (something like C:\path\to\wamp\bin\php\php#.#.#\php.ini) and uncomment ;extension=php_openssl.dll.
Be sure to restart WAMP after.
I have some code that connects to a newsletter service via SOAP. It works with no problem on our dev server, but on our live server it doesn't work at all. It's not returning any errors; just a blank white page. I've put some error_logs into the code and found exactly where it stops working - on the line creating the new SoapClient. Is there some kind of server config that needs to be set? Our code is identical between dev and prod, so the only thing I can figure is a server issue. (Note that the first chunk of code below was provided by the newsletter service, not written by me.)
# bronto API session/connection setup
ini_set("soap.wsdl_cache_enabled", "0");
date_default_timezone_set('America/Chicago');
$wsdl = "https://api.bronto.com/v4?wsdl";
$url = "https://api.bronto.com/v4";
/*error log statements up to this point return what is expected;
an error log after the following line (starting with $client = new SoapClient)
does not get triggered at all. */
$client = new SoapClient($wsdl, array('trace' => 1, 'encoding' => 'UTF-8'));
$client->__setLocation($url);
$token = "XXX";
$sessionId = $client->login(array("apiToken" => $token))->return;
$client->__setSoapHeaders(array(new SoapHeader("http://api.bronto.com/v4",
'sessionHeader',
array('sessionId' => $sessionId))));
I've also tried something like this to explicitly see any errors, but no luck - still nothing in the error log.
try {
$client = #new SoapClient($wsdl, array('trace' => 1, 'encoding' => 'UTF-8'));
}
catch (SoapFault $E) {
error_log($E->faultstring) ;
}
error_log("ok");
I would check the installed PHP packages on the dev server and compare to the Prod server. fr2.php.net/manual/en/soap.setup.php
This will more than likly be a config setup for php on the live server, but here are the common problems i have had with SOAP on php,
First thing is check the allowed memory for php on live comparable with dev (SOAP is big and bad for memory)
Is the php on the live server the same version as the dev server,
Is the live server authorized to access the SOAP server (if auth is used on an IP Level)
as one of the SOAP packages i have used did this to me i found out there was a version mismatch, last but not least could you tell us what SOAP Library if any other then php default your using so we can help as your code looks good :)
thinking about it have you install soap i don't think php natively supports it i think its a pear or pecl package and if your using XAMPP or easyPHP on dev these have all of both all ready included in php.
I´m a newbie to soap in php, so I apologize if I´m not precise in my description.
I have working soap clients consuming wsdl´s in a providers remote server (eg www.remoteaddress.com/wsdl/webservice.wsdl). I was wondering if I could speed up that first wsdl call (before getting it into de cache) by downloading that wsdl from the remote server and uploading it locally to the same folder that contains the php that makes the call.
php.net says...
$client = new SoapClient(null, array('location' => "http://localhost/soap.php",
'uri' => "http://test-uri/",
'style' => SOAP_DOCUMENT,
'use' => SOAP_LITERAL));
So, questions please...does the location always have to be an http address or can a local apache server address be used (so as to reference a folder on a higher level than the public_html)? or in other words how do I reference in "location" the folder containing the the local uploaded wsdl? Would this speed things up, and if the local wsdl is in a public directory in my local server, does that pose some sort of security risk? Tried some combinations with the localhost above but none worked...
Thanks in advance for your help,
Pablo