Topics in the world of web development and other technologies we find interesting.

"Error [60] SSL Certificate problem: unable to get local issuer certificate)." when running PHP under Windows IIS


We ran into this probelm recently while setting up a CloudFront CDN for a WordPress site using the W3 Total Cache plugin. 

The server was running Windows IIS and PHP 7.2, although the solution is the same for other versions of PHP as well.

Once the CloudFront distribution was all setup and configured in the W3TC plugin, clicking the the "Test CloudFront distribution" button resulted in the following error message:

 "Error: Unable to list distributions (S3::listDistributions(): [60] SSL certificate problem: unable to get local issuer certificate)."

Why the Problem Happens

The reason we are getting this error is because the plugin is using PHP CURL extension to make a request to the Amazon CDN using HTTPS (SSL). The CURL extension does not trust the certificate and throws the error.

The Solution

The solution is configure the PHP Curl extension with the proper certificate authority bundle so that it can verify the ssl certificate.

You will need to verify that you have the proper certificate bundle in your PHP folder. We used the cacert.pem file from Mozilla, which you can get from here:

Place the file in your PHP folder located here: C:\Program Files\PHP\v7.2\extras\ssl\cacert.pem 

The PHP version / path may be different for your setup. Older versions are sometimes located in C:\Program Files (x86)\PHP\v5.6\ for example.

Once you have verfied the ca bundle is there, you will need to edit your php.ini to tell CURL where to find the bundle. 

Edit your php.ini (ours was located: C:\Program Files\PHP\v7.2\php.ini ) and use Ctrl +F to serach for the following line:  

;curl.cainfo =

Change this line to containt your path for the ca bundle, like so:

curl.cainfo = "C:\Program Files\PHP\v7.2\extras\ssl\cacert.pem"

Don't forget to un-comment the line (remove the ';' at the beginning) and make sure you use quotes around the path if it contains spaces.

Save the changes to php.ini and re test. You may also have to restart PHP or reset IIS to make the changes take effect depending on your config.


Posted at 10:39
blog comments powered by Disqus


Recent Comments

Powered by Disqus Error loading MacroEngine script (file: uBlogsyListBlogRoll.cshtml)