How to Fix Laravel â CURL Error 60: SSL Certificate Problem: Unable To Get Local Issuer Certificate
If you are working with Laravel and using the Guzzle HTTP client to make API requests, you may encounter the following error:
CURL error 60: SSL certificate problem: unable to get local issuer certificate
This error means that Guzzle cannot verify the SSL certificate of the API server you are trying to connect to. This can happen for various reasons, such as:
The API server has an invalid or expired SSL certificate.
The API server has a self-signed SSL certificate that is not trusted by your system.
Your system does not have the correct CA certificates installed to validate the SSL certificate of the API server.
In this article, we will show you how to fix this error and make your Laravel application work with any API server that uses SSL.
Method 1: Disable SSL Verification in Guzzle
The easiest way to fix this error is to disable SSL verification in Guzzle. This means that Guzzle will not check the validity of the SSL certificate of the API server and will accept any certificate. However, this is not recommended for security reasons, as it exposes your application to potential man-in-the-middle attacks. Therefore, you should only use this method for testing or development purposes, and not for production.
To disable SSL verification in Guzzle, you need to pass an option array to the Guzzle client constructor or to the request method. The option array should have a key called verify and a value of false. For example:
$client = new \\GuzzleHttp\\Client(['verify' => false]);$response = $client->request('GET', 'https://api.example.com');
$client = new \\GuzzleHttp\\Client();$response = $client->request('GET', 'https://api.example.com', ['verify' => false]);
This will tell Guzzle to ignore the SSL certificate error and proceed with the request.
Method 2: Update Your CA Certificates
A better way to fix this error is to update your CA certificates on your system. CA certificates are files that contain the public keys of trusted certificate authorities (CAs) that issue SSL certificates for websites. By having these files on your system, you can verify that the SSL certificate of any website you visit is issued by a legitimate CA and has not been tampered with.
To update your CA certificates on your system, you need to download the latest bundle of CA certificates from https://curl.se/docs/caextract.html. This is a file called cacert.pem that contains all the CA certificates recognized by curl, which is the underlying library used by Guzzle.
After downloading the file, you need to save it somewhere on your system, such as C:\\xampp\\php\\extras\\ssl\\cacert.pem on Windows or /etc/ssl/certs/cacert.pem on Linux. Then, you need to tell PHP where to find this file by editing your php.ini file. You need to find the line that says ;curl.cainfo = and uncomment it by removing the semicolon. Then, you need to set the value of this option to the path of the cacert.pem file you downloaded. For example: