Google-api-php-client: cURL error 60: SSL certificate problem: unable to get local issuer certificate
With this code running on Windoze 10 with WAMP:
$file = new Google_Service_Drive_DriveFile();
$file->title = $title;
$file->description = $description;
if ( $file ) {
$createdFile = $this->serviceDrive->files->insert( $file, array(
'data' => $data,
'mimeType' =>'text/csv',
'convert' => true,
'uploadType' => 'media'
));
}
I am getting this issue :
Fatal error: Uncaught exception âGuzzleHttpRingExceptionRingExceptionâ with message âcURL error 60: SSL certificate problem: unable to get local issuer certificate
The exception is thrown in Google/Http/REST.php > function doExecute() > $client->send($request)
which, in my case, calls http://www.googleapis.com/upload/drive/v2/files
Iâve followed all the StackOverflow tips to download âcurl-ca-bundle.crtâ file and set this in php.ini:
curl.cainfo = âC:/Windows/curl-ca-bundle.crtâ
But get the same error.
In Chrome I went to http://www.googleapis.com and right clicked on the lock icon > clicked Connection > clicked "Certificate Information" > Details > Copy to file > Base 64 encoded X.509
And added it to the curl-ca-bundle.crt
Still didn't work.
thephm
All 15 comments
Try this:
$client->getHttpClient()->setDefaultOption('verify', 'C:/Windows/curl-ca-bundle.crt');
bshaffer
on 28 Dec 2015
This code doesn't work anymore with Google API Client RC5 because the last version use Guzzle 6.
You should use this syntax instead:
$client->setHttpClient(new \GuzzleHttp\Client(array(
'verify' => 'C:\Windows\curl-ca-bundle.crt',
)));
guicara
on 29 Feb 2016
The above code doesn't resolve the issue on the App Engine development server on PHP SDK 1.9.35:
$client->setHttpClient(new GuzzleHttp\Client(['verify' => 'curl-ca-bundle.crt']));
_Uncaught exception 'GuzzleHttpExceptionRequestException' with message 'cURL error 60: SSL certificate problem: unable to get local issuer certificate'_
When trying to disable verification completely:
$client->setHttpClient(new GuzzleHttp\Client(['verify' => false]));
_Uncaught exception 'GuzzleHttpExceptionRequestException' with message 'cURL error 0: The cURL request was retried 3 times and did not succeed. The most likely reason for the failure is that cURL was unable to rewind the body of the request and subsequent retries resulted in the same error._
In both cases the error is accompanied by one or more warnings:
_Warning: curl_setopt_array(): cannot represent a stream of type MEMORY as a STDIO FILE*_
ghost
on 3 Apr 2016
Hello I have the same issue. Whatever I set php to use the latest curl certificate, the problem remains.
I'm having the issue on windows 7. Is there a fix ?
Thanks
neovea
on 9 May 2016
The guzzle package is downloaded with the google dependencies and I cannot access the Guzzle classes and methods via the $client = new GuzzleHttpClient (); syntax.
I am working with a testing server and need some help.
ace411
on 1 Jul 2016
The class is GuzzleHttp\Client. Also, ensure you're including vendor/autoload.php.
I am closing this issue because it's outdated. Please open a new issue if you run into any problems, and post the full version of your code.
bshaffer
on 1 Jul 2016
I gave up in it.
neovea
on 14 Jul 2016
For those that still want/need to know.
The php.ini entry curl.cainfo has to point to a cacert.pem
So: curl.cainfo = "PATH_TO/cacert.pem"
See here: https://git.io/vKRgY
Get the pem cert here ( there should also be one in the cURL dir ) : https://curl.haxx.se/ca/cacert.pem
hth
TLMcode
on 14 Jul 2016
It still exist in my local system. I tried it in a hosting space and it is working fine
razikallayi
on 25 Aug 2017
If someone struggles even now I fixed it by doing :
$guzzleClient = new \GuzzleHttp\Client(["curl" => [
CURLOPT_SSL_VERIFYPEER => false
]]);
$client->setHttpClient($guzzleClient);
rakeshshubhu
on 30 Dec 2019
Please note @rakeshshubhu that disabling SSL verification is acceptable in development, but is extremely dangerous in production environments. If you are experiencing this issue in a production server, speak to your host and work to correct the server configuration, do not ignore the issue by disabling important security measure. :)
jdpedrie
on 30 Dec 2019
If someone struggles even now I fixed it by doing :
$guzzleClient = new \GuzzleHttp\Client(["curl" => [ CURLOPT_SSL_VERIFYPEER => false ]]); $client->setHttpClient($guzzleClient);
Can you guide which .PHP file on the plugin this has to be updated in and wherw
rush2ankit
on 9 Jan 2020
@jdpedrie .. I couldn't make it work with it in development so I added that line. Anyway what are the security risks that I get from it. Thank you.
rakeshshubhu
on 11 Jan 2020
@rush2ankit hmm
$client = new Google_Client();
$guzzleClient = new \GuzzleHttp\Client(["curl" => [
CURLOPT_SSL_VERIFYPEER => false
]]);
$client->setHttpClient($guzzleClient);
As @jdpedrie suggested, only do this in your local environment.
rakeshshubhu
on 11 Jan 2020
@rakeshshubhu this link contains good information about the risks of disabling peer verification.
jdpedrie
on 11 Jan 2020
Related issues
mevsme
·
4Comments
usamamashkoor
·
5Comments
Fredyy90
·
3Comments
bencromwell
·
3Comments
ysaurabh33
·
3Comments
Most helpful comment
For those that still want/need to know.
The php.ini entry curl.cainfo has to point to a cacert.pem
So: curl.cainfo = "PATH_TO/cacert.pem"
See here: https://git.io/vKRgY
Get the pem cert here ( there should also be one in the cURL dir ) : https://curl.haxx.se/ca/cacert.pem
hth