Fixing PHP Environment (Baota Panel) SSL Certificate Problem: Certificate Has Expired

Publish: 2022-05-15 | Modify: 2022-05-15

Recently, when troubleshooting an issue for a client, I encountered a 500 error. I opened PHP Debug mode and found the detailed error message as follows:

AWS HTTP error: cURL error 60: SSL certificate problem: certificate has expired

At first glance, I thought it was because the SSL certificate of the target address had expired. However, after confirming multiple times, the SSL certificate of the target address was normal, and other devices could request it without any issues. But the PHP environment in Baota was unable to request the target URL, even after trying to change the PHP version.

Solution

Enter the server terminal and execute the following command to download the root certificate:

# Download the root certificate
wget --no-check-certificate https://curl.haxx.se/ca/cacert.pem

In the Baota panel, find your corresponding PHP version - Settings - Configuration File.

Search for the following two keywords: curl.cainfo/openssl.cafile. Modify the paths of these two parameters to the path of the cacert.pem certificate downloaded earlier. For example:

curl.cainfo = /xxx/cacert.pem
openssl.cafile = /xxx/cacert.pem

Then restart PHP and test again. The problem should be resolved.


Comments