Fixing cURL SSL connection issue with php.ini

WordPress API wp_remote_get and wp_remote_post may use cURL as the underlying technology. cURL doesn’t have an in-built certificate, like all the browsers and relies on external certificates to verify SSL of websites. In majority of setups things just work fine and you don’t need to worry much about it.

But in some cases, connecting to websites over https fails because of missing or incorrect cURL. In this regard, we need to point PHP cURL to use the correct one.

Download the updated current cacert.pem file from cURL website. Place it somewhere in your system.

wget https://curl.haxx.se/ca/cacert.pem
mv cacert.pem /etc/php7.0/cacert.pem

Now edit your php.ini file. If you are on a dedicated or VPS server, then you know which file to edit (or your sysadmin knows). If on a shared server, then I highly recommend to get help from your webhost support. If you are feeling geeky, then use this guide to find out how to locate your php.ini file.

Now place/modify the following directive.

curl.cainfo="/etc/php7.0/cacert.pem"
openssl.cafile="/etc/php7.0/cacert.pem"

You can store the files anywhere and refer to the absolute path. Once done, save the ini file and restart the server.

For Nginx

sudo systemctl restart php7.0-fpm

For Apache

sudo systemctl restart apache2.service

Swashata has written 242 articles

Hi there, I am the Lead Developer at WPQuark.com. I love to create something beautiful for WordPress and here I write about how to use them. When I am not working, usually I am doing a number of other creative things ;).