Curl error 60, SSL certificate issue: self signed certificate in certificate chain
This error message appears when curl is unable to verify the SSL/TLS certificate presented by the server.
This error message appears when curl is unable to verify the SSL/TLS certificate presented by the server. This can happen for several reasons, including the use of a self-signed certificate or a certificate that was signed by an untrusted authority.
Here are a few steps you can take to resolve this error:
CLI Solution
- Use the
--insecureoption to bypass the certificate check (CLI):
curl --insecure https://example.com- Install the missing CA certificate on the system running curl. This will allow curl to verify the server's certificate chain.
- If the certificate is self-signed or signed by an untrusted authority, you can add the certificate to a file and use the
--cacertoption to tell curl to use the certificate as a trusted CA:
curl --cacert /path/to/ca.pem https://example.com- If you have access to the server, you can try generating a new SSL/TLS certificate that is signed by a trusted CA. This will eliminate the need to bypass the certificate check or add the certificate as a trusted CA.
PHP Solution
In PHP, you cannot use CLI flags. Instead, disable peer and host verification using curl_setopt:
$ch = curl_init('https://example.com');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
$response = curl_exec($ch);
curl_close($ch);I hope this helps! Let me know if you have any other questions.