cURL error 60 while using the GuzzleHttp

Question

I would like to get rid of this error. I read a similar question where one answer suggested that I can disable the verification using:

$client->setDefaultOption('verify', false);

My exact error is:

Uncaught exception 'GuzzleHttp\Exception\RequestException' with message 'cURL error 60: SSL certificate problem: unable to get local issuer certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html)' in C:\path\guzzle\src\Handler\CurlFactory.php:187 Stack trace: #0 C:\path\guzzle\src\Handler\CurlFactory.php(150): GuzzleHttp\Handler\CurlFactory::createRejection(Object(GuzzleHttp\Handler\EasyHandle), Array) #1

C:\path\guzzle\src\Handler\CurlFactory.php(103): GuzzleHttp\Handler\CurlFactory::finishError(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Handler\CurlFactory)) #2

C:\path\guzzle\src\Handler\CurlHandler.php(43): GuzzleHttp\Handler\CurlFactory::finish(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Hand in C:\path\guzzle\src\Handler\CurlFactory.php on line 187

I read the code of all these lines and there is no variable like $client there but I found this function inside CurlFactory.php. Please note the file CurlFactory.php was not created by me.

public function release(EasyHandle $easy)
{
    $resource = $easy->handle;
    unset($easy->handle);

    if (count($this->handles) >= $this->maxHandles) {
        curl_close($resource);
    } else {
        // Remove all callback functions as they can hold onto references
        // and are not cleaned up by curl_reset. Using curl_setopt_array
        // does not work for some reason, so removing each one
        // individually.
        curl_setopt($resource, CURLOPT_HEADERFUNCTION, null);
        curl_setopt($resource, CURLOPT_READFUNCTION, null);
        curl_setopt($resource, CURLOPT_WRITEFUNCTION, null);
        curl_setopt($resource, CURLOPT_PROGRESSFUNCTION, null);
        curl_reset($resource);
        $this->handles[] = $resource;
    }
}

Can I set the option to disable verification here?

I know it is not a good idea to disable verification but the code is for personal use and to test something. It is no problem if I disable the verification. Here is the code in my actual PHP file.

require('vendor/autoload.php');
use JonathanTorres\MediumSdk\Medium;

$medium = new Medium('my-key');

$user = $medium->getAuthenticatedUser();
echo 'Authenticated user name is: ' . $user->name;

As you can see, I am not using cURL in my code anywhere. The options need to be set inside the library somewhere. Is it possible to disable the verification in my own file instead of changing the source code of library?

Answer 1

You're probably looking for the option CURLOPT_SSL_VERIFYHOST. If not specified, this setting defaults to option 2, which means the connection will fail if the certificate name does not match the name of the server connected to. Setting this to 0 means that the host name will be ignored, and the certificate will be accepted regardless of name mismatch. Usually this is enough to address issues with self-signed certificates.

Option 1 is a legacy option which used to be used for debugging but is deprecated and should not be used.

This could also be due to curl not being able to find the root certificate bundle. You can download the bundle from the curl site and save it to a location on your server, then add a reference to it in your php.ini like so: curl.cainfo = FOLDER_PATH\cacert.pem

It could also be related to the version of Guzzle, I found references to this being a problem with Guzzle versions later than 4. Not sure if that's practical for you to try.