PHP client stopped working due to SSL certificate error
8 replies
Last updated: Oct 1, 2021
F
Hi Guys, it seems that the somehow the PHP client has stopped working, from about an hour ago I always get this error on the certificate:
As you can see I’m using the PHP Client inside a wordpress theme, I get this error in any kind of environment: production or local.
PHP Fatal error: Uncaught GuzzleHttp\Exception\RequestException: cURL error 60: SSL certificate problem: certificate has expired (see <https://curl.haxx.se/libcurl/c/libcurl-errors.html>) in /Users/nuovadot/Documents/siti_locali/ciclicorsa_site/wp-content/themes/ciclicorsa-3/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php:201
Stack trace:
#0 /Users/nuovadot/Documents/siti_locali/ciclicorsa_site/wp-content/themes/ciclicorsa-3/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(155): GuzzleHttp\Handler\CurlFactory::createRejection(Object(GuzzleHttp\Handler\EasyHandle), Array)
#1 /Users/nuovadot/Documents/siti_locali/ciclicorsa_site/wp-content/themes/ciclicorsa-3/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php(105): GuzzleHttp\Handler\CurlFactory::finishError(Object(GuzzleHttp\Handler\CurlHandler), Object(GuzzleHttp\Handler\EasyHandle), Object(GuzzleHttp\Handler\CurlFactory))
#2 /Users/nuovadot/Documents/siti_locali/ciclicorsa_site/wp-content/themes/ciclicorsa-3/vendor/guzzlehttp/guzzle/src/Handler/CurlHandler.php(43): in /Users/nuovadot/Documents/siti_locali/ciclicorsa_site/wp-content/themes/ciclicorsa-3/vendor/guzzlehttp/guzzle/src/Handler/CurlFactory.php on line 201
As you can see I’m using the PHP Client inside a wordpress theme, I get this error in any kind of environment: production or local.
Sep 30, 2021, 3:05 PM
F
by cURL docs the errror is:
CURLE_PEER_FAILED_VERIFICATION (60)The remote server’s SSL certificate or SSH md5 fingerprint was deemed not OK. This error code has been unified with CURLE_SSL_CACERT since 7.62.0. Its previous value was 51.
CURLE_PEER_FAILED_VERIFICATION (60)The remote server’s SSL certificate or SSH md5 fingerprint was deemed not OK. This error code has been unified with CURLE_SSL_CACERT since 7.62.0. Its previous value was 51.
Sep 30, 2021, 3:21 PM
P
Thanks for reporting, Federico! We're looking into it to see if this is a cert issue on our end.
Sep 30, 2021, 3:26 PM
F
by cURL docs the errror is:
CURLE_PEER_FAILED_VERIFICATION (60)The remote server’s SSL certificate or SSH md5 fingerprint was deemed not OK. This error code has been unified with CURLE_SSL_CACERT since 7.62.0. Its previous value was 51.
CURLE_PEER_FAILED_VERIFICATION (60)The remote server’s SSL certificate or SSH md5 fingerprint was deemed not OK. This error code has been unified with CURLE_SSL_CACERT since 7.62.0. Its previous value was 51.
Sep 30, 2021, 3:21 PM
F
By forcing the verify flag to false on the httpClient init it works:
$this->httpClient = new HttpClient([
'base_uri' => $this->clientConfig['url'],
'timeout' => $this->clientConfig['timeout'],
'handler' => $this->clientConfig['handler'],
'verify' => false
]);
Sep 30, 2021, 3:33 PM
P
If our theory is correct, and it’s the client-side CA bundle that is too old, you may want to try upgrading CA-certificates. You could also wait while we implement something on our side that should go around this issue, although you may still run into similar errors elsewhere in that case.
Sep 30, 2021, 4:13 PM
P
ETA for our workaround is 30 mins right now
Sep 30, 2021, 4:30 PM
Hi Federico. An update to say everything was rolled out on our end. Please let us know if you're still experiencing any issues.
Sep 30, 2021, 7:50 PM
F
Thanks! everything runs smoothly now.
Oct 1, 2021, 6:58 AM
Sanity– build remarkable experiences at scale
Sanity is a modern headless CMS that treats content as data to power your digital business. Free to get started, and pay-as-you-go on all plans.