🔠Want to get alerted when your SSL certificate doesn't work?
Go to Better Stack and start monitoring in 5 minutes.
Solved: (cron) info (No MTA installed, discarding output) error
Better Stack Team
Updated on October 5, 2023
Problem
Received SSL certificate problem: unable to get local issuer certificate error
when executing curl request to a secure HTTPS destination.
Cause of the problem
If you get SSL certificate problem: unable to get local issuer certificate error, it's an indication that your root and intermediate certificates on the system are not working correctly or not set up correctly.
Solution
- Download the latest
cacert.pemfrom https://curl.haxx.se/ca/cacert.pem - Add the
--cacert /path/to/cacert.pemflag to the curl command to tell curl where the local Certificate Authority file is.
If you are using PHP:
Add the following line to the php.ini file or users.ini if you are on the shared hosting:
curl.cainfo="/path/to/downloaded/cacert.pem"
Got an article suggestion?
Let us know
Explore more
Does each subdomain need its own SSL certificate?
This depends purely on what type of certificate you have. You can have a standard single domain certificate. Aside from that, you can also get two following types of certificates.
Questions
Solved: Error 526 Invalid SSL Certificate
Error 526 indicates Cloudflare is unable to successfully validate the SSL certificate on the origin web server and the SSL setting in the Cloudflare SSL/TLS app is set to Full SSL (Strict) for the website.
Questions
How to generate a private key for the existing .crt file on Apache?
Unfortunately, this is not possible. You cannot generate a private key out of an existing certificate. If it would be possible, you would be able to impersonate virtually any HTTPS webserver.
Questions
Solved: SSL_Error_rx_record_too_long
The usual cause is that the implementation of SSL on your server is not correct. The error is usually caused by a server-side problem which the server administrator will need to investigate.
Questions
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
-
Does each subdomain need its own SSL certificate?
This depends purely on what type of certificate you have. You can have a standard single domain certificate. Aside from that, you can also get two following types of certificates.
Questions -
Solved: Error 526 Invalid SSL Certificate
Error 526 indicates Cloudflare is unable to successfully validate the SSL certificate on the origin web server and the SSL setting in the Cloudflare SSL/TLS app is set to Full SSL (Strict) for the website.
Questions -
How to generate a private key for the existing .crt file on Apache?
Unfortunately, this is not possible. You cannot generate a private key out of an existing certificate. If it would be possible, you would be able to impersonate virtually any HTTPS webserver.
Questions -
Solved: SSL_Error_rx_record_too_long
The usual cause is that the implementation of SSL on your server is not correct. The error is usually caused by a server-side problem which the server administrator will need to investigate.
Questions
Make your mark
Join the writer's program
Are you a developer and love writing and sharing your knowledge with the world? Join our guest writing program and get paid for writing amazing technical guides. We'll get them to the right readers that will appreciate them.
Write for usWriter of the month
Marin Bezhanov
Marin is a software engineer and architect with a broad range of experience working...
Build on top of Better Stack
Write a script, app or project on top of Better Stack and share it with the world. Make a public repository and share it with us at our email.
community@betterstack.comor submit a pull request and help us build better products for everyone.
See the full list of amazing projects on github