3

I have Laravel with PHP 7.2 on Ubuntu. I want to download bitcoin price from website: 

https://btczexplorer.blockhub.info/ext/getbalance/t1ZYiG4R4n5gTgUKZRgVpKPzG5FYQXpEqga

On server I get error:

cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)

I've found in the Internet that I have to install certificate. So I did:

root@server-1456254-1:/etc/ssl/certs# sudo wget http://curl.haxx.se/ca/cacert.pem
root@server-1456254-1:/etc/php/7.2/apache2# nano php.ini
in php.ini:
openssl.cafile=/etc/ssl/certs/cacert.pem
root@server-1456254-1:/etc/php/7.2/apache2# /etc/init.d/apache2 restart

But the error still occurs. What is wrong?

-- Above url to btczexplorer is called in php file in Laravel:

public function blockNotify($blockId)
    {

        try {

            $response = Rate::getAddressApiBalance('t1ZYiG4R4n5gTgUKZRgVpKPzG5FYQXpEqga');


            return $response;

        }catch (\Exception $e) {
            return $e->getMessage() . ' stack trace: ' . $e->getTraceAsString();
        }

        return "end";

And Rate file:

public static function getAddressApiBalance($address)
    {
        try {
            $uri = "https://btczexplorer.blockhub.info/ext/getbalance/" . $address;

            $response = Http::get($uri);

            return $response;
        } catch (InvalidArgumentException $exception){
            return 3;
            Log::error($exception);
        } catch (Exception $e) {
            return $e->getMessage();
            Log::error($e);
        }

        return 0;
    }

and on website I have error with certificate.

Why I use local or CA? I've found this solution in the Internet.

using file_get_contents we have the same error:

Result the same: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed stack trace: #0 [internal function]: Illuminate\Foundation\Bootstrap\HandleExceptions->handleError(2, 'file_get_conten...', '/var/www/html/b...', 43, Array) #1 /var/www/html/bitpay/app/Http/Controllers/BlockApiController.php(43): file_get_contents('https://btczexp...') #2 [internal function]: App\Http\Controllers\BlockApiController->blockNotify('00000051507a8ce...') #3 /var/www/html/bitpay/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): call_user_func_array(Array, Array) #4 /var/www/html/bitpay/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\Routing\Controller->callAction('blockNotify', Array) #5

maybe it will be helpful command var_dump(openssl_get_cert_locations()) display:

 array(8) { ["default_cert_file"]=> string(21) "/usr/lib/ssl/cert.pem" ["default_cert_file_env"]=> string(13) "SSL_CERT_FILE" ["default_cert_dir"]=> string(18) "/usr/lib/ssl/certs" ["default_cert_dir_env"]=> string(12) "SSL_CERT_DIR" ["default_private_dir"]=> string(20) "/usr/lib/ssl/private" ["default_default_cert_area"]=> string(12) "/usr/lib/ssl" ["ini_cafile"]=> string(25) "/etc/ssl/certs/cacert.pem" ["ini_capath"]=> string(0) "" }

so I've changed in php.ini path of the cert: openssl.cafile=/usr/lib/ssl/certs/cacert.pem but without result

now I've changed my code to pure guzzle client:

$url = 'https://btczexplorer.blockhub.info/ext/getbalance/t1ZYiG4R4n5gTgUKZRgVpKPzG5FYQXpEqga'; 
$http = new Client(['verify' => '/usr/lib/ssl/certs/cacert.pem']);
$options = [];
$response = $http->request('GET', $url, $options);

and I get the same error:

cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) stack trace: #0 /var/www/html/bitpay/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(149): GuzzleHttp\Handler\CurlFactory::createRejection(Object(GuzzleHttp\Handler\EasyHandle), Array) #1 /var/www/html/bitpay/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(102): GuzzleHttp\Handler\CurlFactory::finishError(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Handler\CurlFactory)) #2
Robert
  • 2,571
  • 10
  • 63
  • 95
  • Why would you even try and use a local certificate or CA? Can you say which command exactly triggers this? Or are you not using curl on the command line? Given you said you use laravel the error seems a bit weird. – ArSeN Dec 14 '19 at 16:42
  • I've added response to first post – Robert Dec 14 '19 at 17:13
  • Hmm, depending on the scope of your project this appears quite complicated. Could you not just `file_get_contents('https://btczexplorer.blockhub.info/ext/getbalance/t1ZYiG4R4n5gTgUKZRgVpKPzG5FYQXpEqga')` and be done with it? – ArSeN Dec 14 '19 at 17:19
  • I've added to my post response because it was too long. – Robert Dec 14 '19 at 19:34

2 Answers2

1

I tried the accepted answer above, updating the curl and openssl settings mentioned in the comment, but both didnt work. Similar to the questioner, I downloaded the cert from http://curl.haxx.se/ca/cacert.pem (as instructed here), though I placed the cert at /usr/local/share/ca-certificates/ instead.

In my case the problem was not limited to Laravel only but with composer itself. The command composer diagnose showed the dreaded error "cURL error 60: SSL certificate problem: unable to get local issuer certificate".

I updated all server packages sudo apt-get update && sudo apt-get upgrade and now composer is working (the error is gone). I removed the curl and openssl values previously set, then tested, and saw that composer still works. So in my case, setting the php values was not the solution at all.

alds
  • 525
  • 9
  • 19
0

I think is a curl problem to find the certificates.

So try to change in php.ini this option (it requires an absolute path):

curl.cainfo = “/etc/ssl/certs/cacert.pem”
Umberto Migliore
  • 317
  • 4
  • 17