cURL error 60: SSL certificate: unable to get local issuer certificate - DigiCert

Question

I have a production and a test server. Then I have a 3rd party program with a test and a production environment.

Tests are bond together and productions are bond together.

3rd party production server has a DigiCert Global Root G2 and the test server has a DigiCert Global Root CA.

My servers share the environment configuration and both certificates are in /etc/ssl/certs.

I call it with GuzzleHttp.

$client = new Client([
    'base_uri' => 'www.example.com',
]);

$data = [
    'json' => $jsonData
    'expect' => false,
    'auth' => [username, password, basic]
];

$client->request('POST', 'api/endpoint1', $data);

The production server works fine but the test server throws error cURL error 60: SSL certificate: unable to get local issuer certificate.

There is a certificate chain (not sure how this works):

0 s:/CN=www.example.com
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=RapidSSL RSA CA 2018
1 s:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=RapidSSL TLS RSA CA G1
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root G2

I need to find out whose fault is that - mine or 3rd party?
How can it be fixed?

Possible duplicate of [cURL error 60: SSL certificate: unable to get local issuer certificate](https://stackoverflow.com/questions/29822686/curl-error-60-ssl-certificate-unable-to-get-local-issuer-certificate) — really_operator, May 06 '19 at 16:04

score 0 · Accepted Answer · answered May 07 '19 at 09:23

0

The problem was that 3rd party has a problem with the certificate. After fix everything works fine now. So no need to update certificates that were already correct (that was already written in the question).

answered May 07 '19 at 09:23

tttpapi

887
2
9
32

cURL error 60: SSL certificate: unable to get local issuer certificate - DigiCert

1 Answers1