Guzzle: GuzzleHttp Exception cURL error 60: SSL certificate problem: unable to get local issuer certificate
Hi, I am getting the SSL exception while uploading file to S3 , Strange thing is i have specified the certificate in the config/filesystems.php in s3 block but it still gives this error.
I tried uploading file to s3 using Curl command line it works fine with the cacerts which i am providing in the filesystem.
Any help will be greatly appreciated, I am not able to pin point the issue as curl command line able to upload file to s3.
Below is Stack Trace
GuzzleHttpExceptionRequestException: cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) in /var/www/laravel/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php:187
Stack trace:
0 /var/www/laravel/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(150): GuzzleHttpHandlerCurlFactory::createRejection(Object(GuzzleHttpHandlerEasyHandle), Array)
1 /var/www/laravel/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(103): GuzzleHttpHandlerCurlFactory::finishError(Object(GuzzleHttpHandlerCurlMultiHandler), Object(GuzzleHttpHandlerEasyHandle), Object(GuzzleHttpHandlerCurlFactory))
2 /var/www/laravel/vendor/guzzlehttp/guzzle/src/Handler/CurlMultiHandler.php(179): GuzzleHttpHandlerCurlFactory::finish(Object(GuzzleHttpHandlerCurlMultiHandler), Object(GuzzleHttpHandlerEasyHandle), Object(GuzzleHttpHandlerCurlFactory))
3 /var/www/laravel/vendor/guzzlehttp/guzzle/src/Handler/CurlMultiHandler.php(108): GuzzleHttpHandlerCurlMultiHandler->processMessages()
4 /var/www/laravel/vendor/guzzlehttp/guzzle/src/Handler/CurlMultiHandler.php(123): GuzzleHttpHandlerCurlMultiHandler->tick()
5 /var/www/laravel/vendor/guzzlehttp/promises/src/Promise.php(246): GuzzleHttpHandlerCurlMultiHandler->execute(true)
6 /var/www/laravel/vendor/guzzlehttp/promises/src/Promise.php(223): GuzzleHttpPromisePromise->invokeWaitFn()
7 /var/www/laravel/vendor/guzzlehttp/promises/src/Promise.php(267): GuzzleHttpPromisePromise->waitIfPending()
8 /var/www/laravel/vendor/guzzlehttp/promises/src/Promise.php(225): GuzzleHttpPromisePromise->invokeWaitList()
9 /var/www/laravel/vendor/guzzlehttp/promises/src/Promise.php(267): GuzzleHttpPromisePromise->waitIfPending()
10 /var/www/laravel/vendor/guzzlehttp/promises/src/Promise.php(225): GuzzleHttpPromisePromise->invokeWaitList()
11 /var/www/laravel/vendor/guzzlehttp/promises/src/Promise.php(62): GuzzleHttpPromisePromise->waitIfPending()
12 /var/www/laravel/vendor/aws/aws-sdk-php/src/S3/S3ClientTrait.php(33): GuzzleHttpPromisePromise->wait()
13 /var/www/laravel/vendor/league/flysystem-aws-s3-v3/src/AwsS3Adapter.php(583): AwsS3S3Client->upload('elevatecds', '4/mampleInitial...', Resource id #8, 'private', Array)
14 /var/www/laravel/vendor/league/flysystem-aws-s3-v3/src/AwsS3Adapter.php(368): LeagueFlysystemAwsS3v3AwsS3Adapter->upload('4/mampleInitial...', Resource id #8, Object(LeagueFlysystemConfig))
15 /var/www/laravel/vendor/league/flysystem/src/Filesystem.php(122): LeagueFlysystemAwsS3v3AwsS3Adapter->writeStream('4/mampleInitial...', Resource id #8, Object(LeagueFlysystemConfig))
16 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Filesystem/FilesystemAdapter.php(132): LeagueFlysystemFilesystem->putStream('4/mampleInitial...', Resource id #8, Object(LeagueFlysystemConfig))
17 /var/www/laravel/app/Http/Controllers/WorkspacesController.php(621): IlluminateFilesystemFilesystemAdapter->put('4/mampleInitial...', Resource id #8, Array)
18 [internal function]: AppHttpControllersWorkspacesController->uploadFile(Object(IlluminateHttpRequest))
19 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(55): call_user_func_array(Array, Array)
20 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(44): IlluminateRoutingController->callAction('uploadFile', Array)
21 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Route.php(203): IlluminateRoutingControllerDispatcher->dispatch(Object(IlluminateRoutingRoute), Object(AppHttpControllersWorkspacesController), 'uploadFile')
22 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Route.php(160): IlluminateRoutingRoute->runController()
23 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Router.php(572): IlluminateRoutingRoute->run()
24 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): IlluminateRoutingRouter->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
25 /var/www/laravel/app/Http/Middleware/Authenticate.php(27): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
26 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): AppHttpMiddlewareAuthenticate->handle(Object(IlluminateHttpRequest), Object(Closure))
27 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
28 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php(65): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
29 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): IlluminateFoundationHttpMiddlewareVerifyCsrfToken->handle(Object(IlluminateHttpRequest), Object(Closure))
30 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
31 /var/www/laravel/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php(49): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
32 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): IlluminateViewMiddlewareShareErrorsFromSession->handle(Object(IlluminateHttpRequest), Object(Closure))
33 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
34 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php(64): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
35 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): IlluminateSessionMiddlewareStartSession->handle(Object(IlluminateHttpRequest), Object(Closure))
36 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
37 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php(37): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
38 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): IlluminateCookieMiddlewareAddQueuedCookiesToResponse->handle(Object(IlluminateHttpRequest), Object(Closure))
39 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
40 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php(59): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
41 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): IlluminateCookieMiddlewareEncryptCookies->handle(Object(IlluminateHttpRequest), Object(Closure))
42 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
43 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
44 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Router.php(574): IlluminatePipelinePipeline->then(Object(Closure))
45 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Router.php(533): IlluminateRoutingRouter->runRouteWithinStack(Object(IlluminateRoutingRoute), Object(IlluminateHttpRequest))
46 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Router.php(511): IlluminateRoutingRouter->dispatchToRoute(Object(IlluminateHttpRequest))
47 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(176): IlluminateRoutingRouter->dispatch(Object(IlluminateHttpRequest))
48 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(30): IlluminateFoundationHttpKernel->IlluminateFoundationHttp{closure}(Object(IlluminateHttpRequest))
49 /var/www/laravel/vendor/barryvdh/laravel-debugbar/src/Middleware/Debugbar.php(51): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
50 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): BarryvdhDebugbarMiddlewareDebugbar->handle(Object(IlluminateHttpRequest), Object(Closure))
51 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
52 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(46): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
53 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(148): IlluminateFoundationHttpMiddlewareCheckForMaintenanceMode->handle(Object(IlluminateHttpRequest), Object(Closure))
54 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php(53): IlluminatePipelinePipeline->IlluminatePipeline{closure}(Object(IlluminateHttpRequest))
55 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(102): IlluminateRoutingPipeline->IlluminateRouting{closure}(Object(IlluminateHttpRequest))
56 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(151): IlluminatePipelinePipeline->then(Object(Closure))
57 /var/www/laravel/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(116): IlluminateFoundationHttpKernel->sendRequestThroughRouter(Object(IlluminateHttpRequest))
58 /var/www/laravel/public/index.php(53): IlluminateFoundationHttpKernel->handle(Object(IlluminateHttpRequest))
59 {main}
gerryats
All 21 comments
HI Any one else facing this issue with Laravel 5.4 while uploading file to S3. Kindly let me know.
Thanks in Advance.
Gerry
gerryats
on 12 Oct 2017
Do you have any example code? Have you tried manually configure Guzzle? If so, Guzzle won't read your laravel settings, so you have to configure them in Guzzle as well.
If you use some sort of integration package (not sure what they are called in case of laravel: bundle, package, module, gem, etc) you should probably check if that one works fine.
sagikazarmark
on 12 Oct 2017
Hi
Thanks @sagikazarmark , let me check the option in laravel to pass ssl certificates to guzzle to see if that works.
gerryats
on 16 Oct 2017
I'm getting this error with Drupal 8.4.0 as well. But not every time...
php-error staging-4763 [10-Nov-2017 13:08:30 America/Toronto] Uncaught PHP Exception GuzzleHttp\Exception\RequestException: "cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)" at /mnt/www/html/d8esricanadastg/docroot/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php line 187 request_id="v-27d895be-c642-11e7-9b17-22000a2a779e"
djouuuuh
on 10 Nov 2017
Download the latest cacert.pem from https://curl.haxx.se/ca/cacert.pem
Add the following line to php.ini:
curl.cainfo="/path/to/downloaded/cacert.pem"
pan-christensen
on 9 Mar 2018
I had the same issue.
The solution provided by @pan-christensen did not work for me.
The website on which I was requesting in HTTPS was apparently using a custom(?) SSL certificate.
So, I opened the certificates in chrome and exported all (3) certificates I could: see screenshot
and added them to a custom mycertfile.pem
Then using it with Guzzle this way:
$client = new Client(['verify' => '/my/path/to/mycertfile.pem']);
Now it's working!
You can also download a certificate with the openssl command, but I my case it wasn't the right certificate. So I had to download them manually
cbaconnier
on 7 May 2018
You probably want to contact the website owner, as using a self-signed cert and trusting it without verification from the owner is not a good idea. That cert you downloaded could already be part of a man-in-the-middle attach.
sagikazarmark
on 7 May 2018
@pan-christensen it is right
sushengbuhuo
on 31 Aug 2018
i have a similare error with kreait of firebase but i use one by one your response but i can't resolve my problem
i configure openssl on my local server
use curl config in php.ini
$serviceAccount = ServiceAccount::fromJsonFile(__DIR__.'/firebaseKey.json');
$firebase = (new Factory)
->withServiceAccount($serviceAccount)
->create();
$database = $firebase->getDatabase();
$ref = $database->getReference('Test');
$key = $ref->push()->getKey();
var_dump(openssl_get_cert_locations());
return $key;
DIMITA
on 24 Mar 2019
Solution of @pan-christensen worked for me.
AsmaGargouri
on 29 Jul 2019
in my case, the file descriptors just ran out
kumirska
on 6 Nov 2019
Download the latest cacert.pem from https://curl.haxx.se/ca/cacert.pem
Add the following line to php.ini:
curl.cainfo="/path/to/downloaded/cacert.pem"
If you're on Windows and still getting the error after applying the above, make sure you're updating the correct php.ini file.
Run php -i | grep php.ini to print out the path the the ini configuration in use. Have been trying to fix this since last night and turns out I was editing the wrong ini file, smh.
leonelngande
on 7 Dec 2019
It might not be client problem at all. for me it was the backend.
Check your certificate chain.
In my case it was simply wrong intermediate certificate. (the browser downloaded the extra cert silently, but SSLLABS shows me the extra download issue)
sbonline
on 26 Feb 2020
Download the latest cacert.pem from https://curl.haxx.se/ca/cacert.pem
Add the following line to php.ini:
curl.cainfo="/path/to/downloaded/cacert.pem"
More info:
https://stackoverflow.com/questions/24611640/curl-60-ssl-certificate-unable-to-get-local-issuer-certificateIf you're on Windows and still getting the error after applying the above, make sure you're updating the correct php.ini file.
Run
php -i | grep php.inito print out the path the the ini configuration in use. Have been trying to fix this since last night and turns out I was editing the wrong ini file, smh.
Thanks for the fix, I was editing the wrong php.ini running WAMP :)
virgilshelton
on 5 Mar 2020
@virgilshelton Thanks it worked great!
EdisonValdez
on 14 Apr 2020
Download the latest cacert.pem from https://curl.haxx.se/ca/cacert.pem
Add the following line to php.ini:
curl.cainfo="/path/to/downloaded/cacert.pem"
does anyone knows how to do this in hostinger or hostgator?
chaaawles
on 23 Apr 2020
$client = new \GuzzleHttp\Client(['verify' => false ]);
Ishodnikov
on 16 May 2020
Hi here.. there is an FAQ section in docs for this
http://docs.guzzlephp.org/en/stable/faq.html#why-am-i-getting-an-ssl-verification-error
Many solutions have been given to this post. Please note that setting verify to false as stated in the docs it is considered insecure.
gmponos
on 20 May 2020
I had the same issue.
The solution provided by @pan-christensen did not work for me.
The website on which I was requesting in HTTPS was apparently using a custom(?) SSL certificate.So, I opened the certificates in chrome and exported all (3) certificates I could: see screenshot
and added them to a custommycertfile.pemThen using it with Guzzle this way:
$client = new Client(['verify' => '/my/path/to/mycertfile.pem']);Now it's working!
_You can also download a certificate with the openssl command, but I my case it wasn't the right certificate. So I had to download them manually_
A similar issue was with me, our site is using our own SSL certificate issued by a signing authority. Though it was still valid, one of the intermediate signing authority certificate in the chained bundle was expired. Replacing that certificate in the bundle resolved the issue.
ravimisra
on 30 May 2020
$client = new \GuzzleHttp\Client(['verify' => false ]);
Thank you :)
irushabhthakar
on 11 Jun 2020
for laravel 7 use
$response = Http::withoutVerifying()->post('https://www.testwebsite.com')
marthanash
on 8 Aug 2020
Related issues
Anan5a
路
4Comments
skovmand
路
5Comments
pedropinheiro75
路
4Comments
nimaamiri92
路
4Comments
benswinburne
路
3Comments
Most helpful comment
Download the latest cacert.pem from https://curl.haxx.se/ca/cacert.pem
Add the following line to php.ini:
curl.cainfo="/path/to/downloaded/cacert.pem"
More info:
https://stackoverflow.com/questions/24611640/curl-60-ssl-certificate-unable-to-get-local-issuer-certificate