'Unable to get local issuer certificate' in PHP Twitter API

Question

So I need to use the Twitter REST API in a web application I'm developing and I have written some very basic PHP code to just test whether or not I can connect to the Twitter Server. Unfortunately, whenever I try to execute the code, it crops up with an error:

Fatal error: Uncaught exception 'Exception' with message 'SSL certificate problem: unable to get local issuer certificate'

I am hosting the application currently on XAMPP 3.2.2 as a testing front so it's not officially hosted anywhere as of yet.

Here is my code with the exception of my consumer key and oauth token as they're confidential:

<?php

    require_once("TwitterAPIExchange.php");
    $url = "https://api.twitter.com/1.1/search/tweets.json";
    $twitter = new TwitterAPIExchange($settings);
    $requestMethod = "GET";
    $getField = "?q=twitter";
    $response = $twitter->setGetfield($getField)->buildOauth($url, $requestMethod)->performRequest();
    echo $response;

?>

How can I solve the SSL certificate problem? I'm not very knowledgeable about SSL and I need it to use this API in my web app.

As I've said before, I have entered my oauth and consumer details but not here as that's private information

Thanks in advance

score 5 · Answer 1 · edited May 23 '17 at 12:32

5

You need to set up the CURL library to use a "CA certificates" file (commonly known as cacert.pem).

Basically you need to alter php.ini (example).

edited May 23 '17 at 12:32

Community

1
1

answered Aug 21 '16 at 19:04

Zoli Szabó

4,366
1
13
19

What is "php.ini"? – DevB Aug 21 '16 at 21:17
php.ini is the configuration file for PHP: http://php.net/manual/en/configuration.file.php This is where to find it under XAMPP: http://stackoverflow.com/a/6185364/3219919 – Zoli Szabó Aug 22 '16 at 06:09

score 1 · Answer 2 · answered Jan 21 '18 at 16:44

1

It's not recommanded, but you can alter the library and disable the CURL SSL.

On line 296, add this: CURLOPT_SSL_VERIFYPEER => false That should work.

enter image description here

Hope it helps.

answered Jan 21 '18 at 16:44

Sorin

19
3

score 0 · Answer 3 · answered Jul 09 '20 at 22:55

0

XAMP has had issue with outdated root/chain certificate in curl for ages now. If you are free to use another tool, I would suggest switching to Laragon

answered Jul 09 '20 at 22:55

smwhr

675
6
22

score -1 · Answer 4 · answered Jul 09 '20 at 22:28

-1

The correct answer is:

$twitter = new TwitterAPIExchange($settings);
echo $twitter->setGetfield($getfield)
             ->buildOauth($url, $requestMethod)
             ->performRequest(true, [CURLOPT_SSL_VERIFYPEER => false]);

Reason being, they merge the 2nd parameter on performRequest with their options they pass to curl

answered Jul 09 '20 at 22:28

Todd Horst

853
10
22

OAuth2 security is strongly based on ssl, disabling it makes it looks like it work but expose the code to mitm attacks – smwhr Jul 09 '20 at 22:56
@smwhr I understand. The question and answers are all in relation to local wamp servers and this php twitter lib. In test you should disable verify peer, and in prod leave it default. My answer is how it should be handled, as apposed to modifying configs or the Twitter API lib for php, as others have suggested. Make your code environmentally aware. – Todd Horst Jul 11 '20 at 01:53

'Unable to get local issuer certificate' in PHP Twitter API

4 Answers4