Symptoms
The reCAPTCHA module may not able to connect to Google servers. The submission of the captcha causes watchdog errors with cURL enabled.
Technical background:
Googles uses SSL certificates that are signed by a Root Certificate Authority (CA) that may not integrated in most if not all cURL installations. The Guzzle and cURL libraries are typically configured to verify the SSL certificates and refuse the connection if this verification fails. This may be reconfigured with CURL options, but this cannot recommended.
Drupal 6 or Drupal 7
If a contrib module replaced the drupal_http_request()
function in Drupal 7.22 or later with it's own function like HTTPRL or cURL you may see http connection failures. It may be difficult to identify the peer certificate cannot be authenticated errors if the library does not log or show these errors.
Drupal 8
Drupal 8 version uses Guzzle Http Client internally, but under the hood it may use cURL or PHP internals. If you installed PHP cURL on your PHP server it typically uses cURL and you may see an exception with error Peer certificate cannot be authenticated with known CA certificates or error code CURLE_SSL_CACERT (60)
.
Solution:
- Download latest
cacert.pem
from http://curl.haxx.se/docs/caextract.html. - On global PHP level add
curl.cainfo = [enter your path]\cacert.pem
to yourphp.ini
. - Restart Apache service.
Comments
Issue not resolved in Drupal 8.1.0
Still facing the same issue even after following the procedure mentioned
-> Download latest cacert.pem (As txt file) from http://curl.haxx.se/docs/caextract.html
-> Add curl.cainfo = [enter your path]\cacert.pem to your php.ini
-> Restart Apache service
I am using Drupal 8.1.0 on XAMP but the below error keeps on coming
GuzzleHttp\Exception\RequestException: cURL error 60: SSL certificate problem: self signed certificate (see http://curl.haxx.se/libcurl/c/libcurl-errors.html) in GuzzleHttp\Handler\CurlFactory::createRejection() (line 187 of D:\xampp\htdocs\services_display\vendor\guzzlehttp\guzzle\src\Handler\CurlFactory.php).
Note: Posted this issue on https://www.drupal.org/node/2654474#comment-11232057 as well
Thanks
Thanks for your help, greetings.
reCAPTCHA is not the only
reCAPTCHA is not the only Drupal code that can exhibit this problem.
SSL certificate problem: unable to get local issuer certificate
This problem also exists with downloading updates (manual and automatic) in Drupal 8.1.2, wherein Drupal only tries to download tar.gz files, on my Windows systems.
UPDATE (7/20/17): The cacert.pem solution appears to have fixed my problem in both Drupal 7.51 and 8.3.
regards,
DJ
Additional changes if needed
I have made below changes to resolve this issue in the local xampp(Drupal 8.3.1) when execute Guzzle GET request in the custom module.
1. On global PHP level add openssl.cafile= [enter your path]\cacert.pem to your php.ini.
2. Restart Apache service.
Please try this if needed.
Same problem
Same problem for me. It doesn't works with
On global PHP level add curl.cainfo= [enter your path]\cacert.pem to your php.ini..
On global PHP level add openssl.cafile= [enter your path]\cacert.pem to your php.ini.
Restart Apache service.
Any idea ?
Got fixed
I had got same issue on WAMP Server 3.0.8, PHP Version 5.6.25, Apache 2.4.23 and this solution got fixed for my Drupal 8 Website.
Similar WAMP configuration
This solution fixed my Drupal 8 site as well.
---------------------------------------------------
Drupal developer. Available for new projects
If you don't have permission
If you don't have permission to edit the php.ini file, can I do it in other way? es. via setting.php?
Thank you
Finally, it waq the firewall
Finally, it waq the firewall of my company that block it!
yes it worked for me.
you need just 3 steps!
1. download the cacert.pem file from the given url
2. define in php.ini as said
3. restart wamp
and u r ready to go.
Thanks
Ravi Bhadauria
https://www.admecindia.co.in
https://www.web-development-institute.com
https://www.graphic-design-institute.com
https://www.cadtraininginstitute.com
Thank u
download via http://curl.haxx.se/ca/cacert.pem
save under E:\xampp\apache\bin\cacert.pem
open php.ini
add following lines:
curl.cainfo=E:\xampp\apache\bin\cacert.pem
Restart Apache
Updating CA
There is an instruction from RH to update the CA: https://access.redhat.com/solutions/1549003
Best regards,
Ed