Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
I have a local site that I'm trying to test on the paypal sandbox with express payments. I'm getting the following error in my log
cURL error: SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
and when I click the Checkout with paypal button I get the following message: Redirect to PayPal Express Checkout failed. Please try again or contact an administrator to resolve the issue.
Any ideas what I'm doing wrong?
Sharon
Comments
Comment #1
rszrama CreditAttribution: rszrama commentedWhat web server are you testing with?
Comment #2
SharonD214@aol.com CreditAttribution: SharonD214@aol.com commentedApache Web server Version 2.2.22
Thanks
Sharon
Comment #3
pcoucke CreditAttribution: pcoucke commentedSee https://drupal.org/project/commerce_paypal at the bottom:
From commerce_paypal_api_request():
I downloaded the file from http://curl.haxx.se/docs/caextract.html, added the line below to settings.php and it was resolved:
Comment #4
mlecha CreditAttribution: mlecha commentedSame issue here, cURL error with PayPal API requests failing due to SSL certificate verification.
Downloading the download the CA certificate bundle file and setting the commerce_paypal_cacert variable worked for my local setup, which is XAMPP version 1.7.7.
How to do I test if this is required on my live site?
My live site is working fine on Commerce PayPal 1.0, is the 2.2 module likely to be broken in this way?
Anything I can look for in phpinfo() to see if this fix is needed on the live server?
Thank you!
Comment #5
rszrama CreditAttribution: rszrama commentedThanks for following up here. I'd just give it a shot and see what happens. If you're running in a reasonably modern hosting environment for your live site, it should resolve those SSL certificates just fine. If not, it's a quick process to make it work.
Comment #6
mstrelan CreditAttribution: mstrelan commentedHow about only enabling the verify peer option for live transactions?