Support » Plugin: Wordfence Security - Firewall & Malware Scan » cURL error 60 SSL certificate problem

  • Resolved David Bee

    (@davidbawiec)


    Hi,

    I’m running a local WordPress development environment on my Mac using MAMP Pro, which is a mirror replica of my live site. This local environment uses SSL via a self-signed certificate that I created in MAMP. Everything seems to work fine, however, if I go under Wordfence Diagnostics, I get an error under the Connectivity section -> Connecting back to this site, with the following message:
    wp_remote_post() test back to this server failed! Response was: cURL error 60: SSL certificate problem: unable to get local issuer certificate
    If I run my site under HTTP, there is no Connectivity error. It only occurs when using HTTPS (accessing the site under https://local.mydomain.com).

    Please advise.
    Thanks! 🙂

    • This topic was modified 7 months, 1 week ago by David Bee.
Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Support wfdave

    (@wfdave)

    Hi @davidbawiec,

    You mentioned that it was a self-signed certificate.

    When Wordfence attempts to connect to your site, it tries to verify the certificate with a public CA. However, since your certificate was locally signed, there isn’t a public authority to verify your certificate.

    You have a few options:

    1. Use a signing agent to create your development’s certificates. Such as CertBot ( https://certbot.eff.org/instructions )

    2. Test your site without SSL

    3. Disable SSL verification within your testing site. You can do this by adding this line into the file /wp-content/themes/YOUR_THEME/functions.php:

    add_filter('https_ssl_verify', '__return_false');

    Only add this on a testing site, never on a live site.

    Dave

    David Bee

    (@davidbawiec)

    Great suggestions, Dave! Thank you! For now, option 3 worked great. Will look into creating official certificates for the local development servers.

    Thanks!

    Hey @wfdave – does this mean there’s no way to use the scan functionality on a site using HSTS? We’re using a Cloudflare origin cert for our SSL and we get:

    wp_remote_post() test back to this server failed! Response was: cURL error 60: SSL certificate problem: unable to get local issuer certificate

    Is there no way to use the scan functionality besides mangling our SSL cert config (swapping it out for one from Certbot), cloning the site to a completely new environment (a day of work), or disabling HSTS (not an option)?

    Thanks for reading! Any advice would be great!

Viewing 3 replies - 1 through 3 (of 3 total)
  • You must be logged in to reply to this topic.