SSL error?

  • forkmedia

    (@forkmedia)


    11 years, 2 months ago

    Since upgrading to WC 2.35 and renewing our SSL certificate we have been getting these errors at checkout:

    SSL certificate problem, verify that the CA cert is OK. Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

    I verified the cert is good at both https://www.sslshopper.com/ and https://www.digicert.com/ and the latter also points out that our site is Heartbleed safe, so that’s not the problem.

    My host’s support staff says it lies with either Woocommerce or our processor, Simplify (which is now part of the Woo core).

    Everything worked smoothly before upgrading WC to 2.35.

    https://wordpress.org/plugins/woocommerce/

Viewing 1 replies (of 1 total)
  • Thread Starter forkmedia

    (@forkmedia)

    11 years, 2 months ago

    Woocommerce support ignored this one – so be it, it’s busy here.

    Luckily I kept bugging my host’s support staff and they came up with this solution, included below because it was indeed related to Woocommerce. Note that before the update, our server worked with WC perfectly:

    I went through WooCommerce’s source code and found the cURL code that connects over to Simplify. I didn’t see any mention of SSLv3 being forced, so I dug further and found the URL that your addon uses to communicate with Simplify.

    A simple “openssl s_client -connect api.simplify.com:443” failed because your server did not trust “Entrust”‘s root certificate. Entrust is another SSL provider, much like GeoTrust/Verisign/etc, and they are a newer company so their root certificates were not included in your OpenSSL installation back when CentOS 5 was released.

    I manually updated the list of root certificates that your server trusts, and I’m now able to connect to api.simplify.com using OpenSSL, so I imagine it will work for cURL now within your code.

    It did work, and we’re back in business.

Viewing 1 replies (of 1 total)

The topic ‘SSL error?’ is closed to new replies.