Today, I finally tackled an issue that had been bothering me for a long time. Everytime I tried to connect to an API of mine, cURL returned the error code 60. If I set
curl_setopt($process, CURLOPT_SSL_VERIFYPEER, false);The error disappeared. Easy fix right? Not if you care about being secure for yourself and your customers. I spent about an hour in a chat with HostGator tech support before finding the fix myself. I was contacting them and insisting it was a certificate issue, but I was wrong. Apparently cURL doesn't ship with a library of trusted root certification authorities (aka, the trusted ssl sellers), so it automatically denies all SSL connections and assumes they could be insecure. The reason cURL denies SSL certificates that aren't in that library (and if the library isn't included, all ssl secured sites) is to protect you from someone self-signing a certificate and claiming to be someone they're not (i.e. Microsoft.com).
So anyway, here's how to fix it.
1. Download a cacert.pem file
2. Upload it to your website's root folder
3. Add the following to your cURL options
curl_setopt($process, CURLOPT_CAINFO, dirname(__FILE__) . '/cacert.pem'); curl_setopt($process, CURLOPT_SSL_VERIFYPEER, true);
4. Relax and enjoy secure connections to any API that you were previously having issues with.
Author: Shane Stebner
Shane is a successful web-developer specializing in responsive design, and the open-source LAMP stack. Over the years, he's gained in-depth experience with Stripe, Twilio, PhantomJs, Authorize.net, PayPal, Facebook, Twitter, and many other plugins/APIs.