Windows IIS with PHP: Curl (60) SSL Certificate Problem: Unable to get local issuer certificate

When adding PHP to your IIS installation on a Windows server, and you afterwards add SSL to it, everything may work at first hand, but if you need to run some curl scripts, that accesses the server with https://, you may run into this error:

“Curl (60) SSL Certificate Problem: Unable to get local issuer certificate”

This is due to the missing CA Cert from Mozilla, that PHP needs to have in it’s SSL directory, so the fix:

1) Download “cacert.pem” from here: http://curl.haxx.se/docs/caextract.html (https://curl.haxx.se/ca/cacert.pem)
2) Save the cacert.pem to the directory on the server, where the PHP version you use, resides:

3) Add this path into the php.ini you use:

4) Run “iisreset” on a command prompt with administrative privileges 🙂

5) Test and you’re done!

 

26 Comments

  1. julius

    A million thanks you’s ! You saved me a huge headache ^_^

    Reply
    1. Martin (Post author)

      Glad to hear that, thanks 😉

      Reply
  2. Shahrokh Fallah

    Thanks a lot for your Generosity!!!

    Reply
    1. Martin (Post author)

      You’re welcome and thanks 🙂

      Reply
  3. binu

    Thanks a million

    Reply
    1. Martin (Post author)

      You’re welcome 😉

      Reply
  4. Steve

    You saved a PHP noob from an extended migraine!!! This is short, sweet and worked like a charm. Thank you for taking the time to publish this!

    Reply
    1. Martin (Post author)

      You’re welcome 😉 – I dealed with the same migraine 😀

      Reply
  5. Leandro Matilla

    It works for me!! THANKS <3

    Reply
    1. Martin (Post author)

      Thanks – good to hear 😉

      Reply
  6. William Oorschot

    don’t forget the ” ” is some situations

    curl.cainfo=”C:\Program Files (x86)\PHP\v7.1\extras\ssl\cacert.pem”

    Reply
  7. Teson

    Big thanks! Finally a working TYPO3-installation on IIS.

    Reply
  8. Paul Gilpatrick

    This also worked for me, using the curl.cainfo=”C:\Program Files (x86)\PHP\v7.1\extras\ssl\cacert.pem”

    line (with the apostrophes)

    Reply
  9. Your Admirer

    Thanks so much! It’s hard to find solutions for IIS since most of forums discuss linux-based webservers. This was very helpful!

    Reply
    1. Martin (Post author)

      Thanks for your feedback 🙂

      Reply
  10. Edgardo Sanabria

    Thanks a lot, you saved one life with this

    Reply
    1. Martin (Post author)

      Glad to hear 🙂

      Reply
  11. Matias

    This was a critical issue, and this post was an fresh oasis to me. Thousands thanks and bless you!

    Reply
    1. Martin (Post author)

      Thanks 🙂

      Reply
  12. Cyrille

    Hi
    First a Huge thanks it has saved me !

    But for a wierd reason it works on my computer but not on my production server. The issue remains : cURL error 60: SSL certificate problem: unable to get local issuer certificate (see https://curl.haxx.se/libcurl/c/libcurl-errors.html)

    Maybe another idea?

    Reply
    1. Martin (Post author)

      Hmm…have you tried a reboot, have not seen this before, is the path correct? 😉

      Reply
  13. Mehran

    Thank you!

    Reply
  14. Claudio Martt

    ola pra mim nao funcionou

    GuzzleHttp\Exception\RequestException
    cURL error 60: SSL certificate problem:

    Reply
    1. Martin (Post author)

      Have you followed the guide and placed the cert. in the right path?

      Reply
  15. Maximilian Gehring

    Thanks for the solution!
    Remark: QUOTEMARKS in Windows path were required in php.ini

    Reply
    1. Martin (Post author)

      Thanks – and thanks for the hints 🙂

      Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close