I am working on a project with Symfony 6, PHP 8 and trying to upload images to Cloudinary using its PHP SDK, cloudinary/cloudinary_php version 2.7.1 and following these docs.
I am creating a Cloudinary instance as
$cloudinary = new Cloudinary([
'cloud' => [
'cloud_name' => 'my_name',
'api_key' => 'my_api_key',
'api_secret' => 'my_api_secret']
]);
and then uploading my base64 file as
$result = $cloudinary->uploadApi()->upload($base64Image);
Doing this I get the following GuzzleHttp\\Exception\\RequestException:
cURL error 60: SSL certificate problem: self signed certificate in certificate chain (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://api.cloudinary.com/v1_1/oralec/image/upload
What I tried
I ended up in this question (and others of the same nature) where the accepted answer is always to download cacert.pem from https://curl.se/docs/caextract.html and the set your modify your php.ini file with
curl.cainfo = <absolute_path_to> cacert.pem
which in my case is
curl.cainfo = "C:\php\cacert.pem"
But this makes no difference in the exception I get. I tried modifying php.ini, php.ini-development and php.ini-production, just in case.
I also tried installing vendors like https://github.com/composer/ca-bundle and https://github.com/paragonie/certainty, again with no success at all.
Any help is appreciated!
I eventually found that Symfony was using a php located in a different folder than the one I wrote (Instead of C:\php it was C:\xampp\php).
Changing php.ini in that location fixed the issue.
This question already has an answer here:
How to enable CurlHttpClient for WAMP in PHP 7.4+?
(1 answer)
Closed last year.
Problem
Following Laracasts tutorial for Laravel 8 (and to be specific: Chapter 58 - Mailchimp API Tinkering, Section 11 - Newsletters and APIs), I ran into an issue which seemed to be pretty common.
After creating a Mailchimp account and using a newly generated API key in Laravel 8, you would test it by Making your first API call, through your web.php file:
Route::get('ping', function (){
$mailchimp = new \MailchimpMarketing\ApiClient();
$mailchimp->setConfig([
'apiKey' => config('services.mailchimp.key'),
'server' => 'us19'
]);
$response = $mailchimp->ping->get();
ddd($response);
});
Unfortunately, when dumping the $response, the following error would show up:
GuzzleHttp\Exception\RequestException
cURL error 60: SSL certificate problem: unable to get local issuer certificate (see https://curl.haxx.se/libcurl/c/libcurl-errors.html)
for https://us20.api.mailchimp.com/3.0/ping
My Stack
I'm using Laravel 8.79.0 and WampServer 3.2.6
(with Apache 2.4.51, MySQL 8.0.27, PHP 8.0.13, PHPMyAdmin 5.1.1).
Solution
To solve this error, I first downloaded the cacert.pem certificate.
I placed it into a directory in my Wamp installation (in my case, I placed it in: C:\wamp64\bin\php\php8.0.13\extras\ssl).
Next, in the php.ini file of my PHP installation (in Wamp you can find it by left clicking the icon->PHP->php.ini), I looked for curl.cainfo = which was commented out with a ;.
I un-commented that line and set the value equal the absolute path to the cacert.pem file, so in my case the line was now: curl.cainfo = C:\wamp64\bin\php\php8.0.13\extras\ssl\cacert.pem.
Finally, I Restarted All Services in WampServer and visited the page again. The API responded nicely with:
{#804 ▼
+"health_status": "Everything's Chimpy!"
}
:)
I'm writing an artisan command in Laravel 5.5. There are files in an AWS EC2 instance and all within the same folder, my command needs to download all those files into a local storage/folder.
I went through the Laravel's documentation but couldn't find helpful info. I have added a disk into my filesystem config file for my local storage/folder access, as well as a disk for my AWS SFTP server.
Previously I've been doing this using the phpseclib but would like to move on using Laravel in Laravel way.
I've tried the following:
Storage::disk('aws')->get('path/filename.ext');
which throws the following exceptions:
In FilesystemAdapter.php line 109:
path/filename.ext
and
In Filesystem.php line 388:
File not found at path: path/filename.ext
but I can see the file is there and my program can download it, and actually all of them using phpseclib.
and also tried the following which returns an empty array:
Storage::disk('aws')->files('folder-name');
and aws is the disk I've defined in the filesystem config file as follows:
'aws' => [
'driver' = 'ftp',
'host' = '12.123.123.12',
'username' = 'myusername',
'password' = 'mypassword'
]
Thank you!
Full Error
RequestException in CurlFactory.php line 187: cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)
Scenario
Before anyone points me to these two laracasts answers: https://laracasts.com/discuss/channels/general-discussion/curl-error-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate
https://laracasts.com/discuss/channels/general-discussion/curl-error-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate/replies/52954
I've already looked at them and that's why I'm here.
The problem I have is that now I have the cacert.pem file BUT it doesn't make sense where to put it, the answers indicate to place the file in my xampp directory and change my php.ini file but I'm not using xampp for anything, I'm using Laravel's artisan server to run my project.
If xampp is not in use, where should I place this file? Moreover, why would an accepted answer be to place it in my xampp directory? I dont understand.
My Exact Question
Where do I place the cacert.pem file to stop this error in laravel 5.4?
Do not ever modify files in the vendor/ folder. Ever. They can and will be overwritten on the next composer update you run.
Here is my Solution for WampServer
I am using PHP 7.1.9 for my WampServer, so change 7.1.9 in the example below to the version number you are currently using.
Download this file: http://curl.haxx.se/ca/cacert.pem
Place this file in the C:\wamp64\bin\php\php7.1.9 folder
Open php.iniand find this line:
;curl.cainfo
Change it to:
curl.cainfo = "C:\wamp64\bin\php\php7.1.9\cacert.pem"
Make sure you remove the semicolon at the beginning of the line.
Save changes to php.ini, restart WampServer, and you're good to go!
A quick solution but insecure (not recommended).
Using cURL:
Set CURLOPT_SSL_VERIYPEER to false
Using Guzzle: Set verify to false, for example
$client->request('GET', 'https://somewebsite.com', ['verify' => false]);
You can use GuzzleHttp\Client:
$client = new Client(['verify' => false]);
Solution suggested by some users to make changes to \vendor\guzzlehttp\guzzle\src\Client.php file is the worst advice, as manual changes made to vendor folder are overwritten if you run composer update command.
Solution suggested by Jeffrey is a dirty, shorthand fix but not recommended in production applications.
Solution suggested by kjdion84 is perfect if you have access to php.ini file on web server. In case you are using Shared Hosting, it may not be possible to edit php.ini file.
When you don't have access to php.ini file (e.g. Shared Hosting)
Download this file: http://curl.haxx.se/ca/cacert.pem or https://curl.se/docs/caextract.html
Place this file in the root folder of your Laravel project.
Add verify key to GuzzleHttp\Client constructor with its value as path to cacert.pem file.
With Laravel 5.7 and GuzzleHttp 6.0
// https://example.com/v1/current.json?key1=value1&key2=value2
$guzzleClient = new GuzzleHttp\Client([
'base_uri' => 'https://example.com',
'verify' => base_path('cacert.pem'),
]);
$response = $guzzleClient->get('v1/current.json', [
'query' => [
'key1' => 'value1',
'key2' => 'value2',
]
]);
$response = json_decode($response->getBody()->getContents(), true);
This was stressfull to figure out but here is the exact answer for people using laravel and have this problem.
My exact application versions are...
Laravel: 5.4
Guzzlehttp: 6.2
Laravel Socialite: 3.0
Download a fresh copy of this curl certificate from this link: https://gist.github.com/VersatilityWerks/5719158/download
Save the file in this path starting from the base root of your laravel application vendor/guzzlehttp/guzzle/src/cacert.pem
next in that same directory open up RequestOptions.php and scroll down to the constant called CERT and change it to this const CERT = 'cacert.pem'; and this should fix it all.
EDIT
As people are pointing out you should never edit the vendor folder, this was just a quick fix for an application I was building in my spare time. It wasn't anything majorly important like an application for my company or anything, use this method at your own risk! Please check out the other answers if you need something more concrete.
I was sending a request from domain X to Y, my problem was with the certificate used on the domain Y (it wasn't a self-signed cert btw), the domain belonged to me & I had the certificate, so the quick fix was to use the domain Y's certificate on domain X's application:
On domain X:
Using Laravel 7 HTTP wrapper:
\Http::withOptions(['verify' => 'path-to-domain-Y-certificate']);
Using guzzle:
new GuzzleHttp\Client(['verify' => 'path-to-domain-Y-certificate']);
OR you could just contact your SSL provider to resolve the issue.
Note: Storing your domain's certificate in another system isn't a secure method, use this method only if you can ensure your certificate's security.
I haven't found what was wrong with the certificate, no browser seemed to have a problem with it, the only problem was generated on laravel using curl.
I had this problem while running Valet and attempting to make an api from one site in valet to another.
Note that i'm working in OSX.
I found the solution here: https://github.com/laravel/valet/issues/460
In short you have to copy the valet pem to the system CA bundle.
Just run this:
cp /usr/local/etc/openssl/cert.pem /usr/local/etc/openssl/cert.pem.bak && cat ~/.config/valet/CA/LaravelValetCASelfSigned.pem >> /usr/local/etc/openssl/cert.pem
I use laragon server and I faced to the same problem. I downloaded ssl certificate from http://curl.haxx.se/ca/cacert.pem and paste it in C:/laragon/etc/ssl/
(if cacert.pem already exists replace it with new one).
restart server and everything is fine
We can set path based on this article on Medium.com How to fix cURL error 60: SSL certificate problem
Steps to follow:
Open http://curl.haxx.se/ca/cacert.pem
Copy the entire page and save it as a “cacert.pem”
Open your php.ini file and insert or update the following line. curl.cainfo = " [pathtofile]cacert.pem"
Another one recently asked for the same problem and it's seems my answer was the solution for him.
Here was the post I mention : URL Post
That's what I said :
I'll be fully honest, I don't know anything about Laravel. But I had
the same problem, so as many other, on Symfony. And so as you I tried
many things without success.
Finally, this solution worked for me : URL solution
It indicates that instead of a certificate problem, it could came
from a environnement non-compatibility. I used XAMPP instead of
WAMP and it worked.
Solved it on my end by disabling verify completely when on debug setting since in this local scenario security is not an issue at all.
$http = new \GuzzleHttp\Client([
'base_uri' => config('services.passport.login_endpoint'),
'verify' => config('app.debug') ? false : true,
'defaults' => [
'exceptions' => false,
]
]);
curl.cainfo = "C:\wamp64\bin\php\php7.1.9\cacert.pem"
I had resolved my problem with wamp.
This happened to me in development with laravel 8 using the default server started by running:
php artisan serve
The solution for me was similar to other answers that require you to download cacert.pem and edit php.ini file. But since I was not using Wamp, I checked the path in my environment variables to find which php installation windows defaulted to and made the changes there.
For php version ^8.1 in wampserver
Download--> https://curl.se/ca/cacert.pem.
Place the cacert.pem file inside C:\wamp64\bin\php\php8.1.0.
Open php.ini and find this line:
;curl.cainfo
Change it to:
curl.cainfo = "C:\wamp64\bin\php\php8.1.0\cacert.pem"
Make sure you remove the semicolon at the beginning of the line.
Save changes to php.ini, restart WampServer64, and you're good to go!
You need to edit the following file in vendor/guzzlehttp/guzzle/src/Client.php
$defaults = [
'allow_redirects' => RedirectMiddleware::$defaultSettings,
'http_errors' => true,
'decode_content' => true,
'verify' => false, // By default this value will be true
'cookies' => false
];
May be security issue was there, but it will work.
for Laravel: The 5 steps below will be helpful
update version to Guzzlehttp: 5.2
find the file under \vendor\guzzlehttp\guzzle\src\Client.php
edit default settings to
protected function getDefaultOptions() {
$settings = [
'allow_redirects' => true,
'exceptions' => true,
'decode_content' => true,
'verify' => getcwd() .'/vendor/guzzlehttp/guzzle/src/cacert.pem'
];
}
download latest file cacert.pem from http://curl.haxx.se/ca/cacert.pem and place under /vendor/guzzlehttp/guzzle/src/
I'm getting an error RequestException in CurlFactory.php line 187:
cURL error 60: SSL certificate problem: unable to get local issuer certificate (see curl.haxx.se/libcurl/c/libcurl-errors.html) when trying to login with socialite facebook. This is the tutorial I followed http://blog.damirmiladinov.com/laravel/laravel-5.2-socialite-facebook-login.html#.V2K-ersrLIV .
This is my controller:
public function redirect()
{
return Socialite::driver('facebook')->redirect();
}
public function callback()
{
// when facebook call us a with token
$providerUser = \Socialite::driver('facebook')->user();
}
From my research I found out the error is as a result ofthe version of guzzlehttp/guzzle.I tried the solutions provided in these links but it didn't work for me. Laravel Socialite testing on localhost, SSL certificate issue? and https://laracasts.com/discuss/channels/general-discussion/curl-error-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate/replies/52954. Kindly help.
For those that still need a solution, here it is.
$providerUser = \Socialite::driver('facebook')
->setHttpClient(new \GuzzleHttp\Client(['verify' => false]))
->user();
Note the ['verify' => false], this disables the SSL certificate verification check done by the Guzzle HTTP client which is used by Socialite. It might also be a good idea to export this into the configuration as a setting.
After struggling for almost one month I have been able to solve my problem.
The problem was with Cacert.pem file which was missing in my php folder in xampp directory.
I downloaded new carcet.pem from https://curl.haxx.se/ca/cacert.pem and saved it as carcet.pem.txt in my php folder inside the xampp directory. I then opened php.ini file inside php folder and changed
;curl.cainfo= to
curl.cainfo="C:\xampp\php\cacert.pem.txt". Do not forget the .txt extension and also don't forget to restart your xampp.
That solved the problem for me. You can also read more about this error here Laravel 5 Socialite - cURL error 77: error setting certificate verify locations. Here is a link to the tutorial I followed to implement Facebook Socialite Login http://blog.sarav.co/integrating-socialite-in-laravel-5-2/.Hope this helps someone.
I did it with the cacert.pem +
php artisan generate:key