Support » Plugin: OMGF | Host Google Fonts Locally » cURL error 60: SSL certificate problem: certificate has expired

  • Resolved Ambyomoron

    (@josiah-s-carberry)


    When clicking on the Save & Optimize button for the first attempt to use the plugin, I quickly get the error message:

    OMGF encountered an error while fetching this site’s frontend HTML: http_request_failed – cURL error 60: SSL certificate problem: certificate has expired

    Not having any issues in accessing the site from a browser, I am at a loss to understand the cause of this error. Thanks for your help.

Viewing 15 replies - 1 through 15 (of 18 total)
  • Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    You’re gonna have to share your site’s URL for me to check if the cause is indeed your SSL certificate. Because it most likely is… πŸ™‚

    Thread Starter Ambyomoron

    (@josiah-s-carberry)

    I received an answer from my hosting platform, which pointed to this issue at WordPress:

    https://core.trac.wordpress.org/changeset/51883/trunk/src/wp-includes/certificates/ca-bundle.crt

    So, everyone with a Let’s Encrypt certificate is likely to have this problem, dating to 30 September 2021, until WordPress gets it sorted out and releases new code (or until the site owner patches her or his own system).

    The issue apparently has nothing to do with the site’s own certificates which, in my case, are confirmed as up to date and valid.

    Hardcoding a certificate in an executable sounds like a bad decision for precisely the reason that a normal operational task becomes, instead, a new software release. But that is a different story… Maybe the plugin developers can exercise pressure on WordPress to release a correction rapidly.

    Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    Thanks for sharing this info!

    So, the temporary workaround is basically to remove the mentioned lines from ca-bundle.crt?

    Thread Starter Ambyomoron

    (@josiah-s-carberry)

    This issue appears to have been resolved with the update of WordPress to 5.8.2, which does indeed update the offending file, wp-includes/certificates/ca-bundle.crt

    Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    Awesome! Thats good to know. Thank you for your response!

    David

    (@germanprisoner)

    Same problem appears with WordPress 5.8.3

    OMGF encountered an error while fetching this site’s frontend HTML: http_request_failed – cURL error 60: SSL certificate problem: certificate has expired

    Certificate is valid

    Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    Have you tried removing the lines mentioned earlier in this thread from the ca-bundle.crt?

    David

    (@germanprisoner)

    Thank you! Not sure yet if it works but will confirm once it has been tested

    • This reply was modified 3 months, 2 weeks ago by David.
    David

    (@germanprisoner)

    Hi @daanvandenbergh,

    Which lines have to be removed in the file
    https://core.trac.wordpress.org/changeset/51883/trunk/src/wp-includes/certificates/ca-bundle.crt ?

    Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    Have a look at this link: https://core.trac.wordpress.org/changeset/51883/trunk/src/wp-includes/certificates/ca-bundle.crt

    And scroll down a bit. It’s the area marked red.

    David

    (@germanprisoner)

    Hi @daanvandenbergh I could not find the DST Root CA X3 certificate in the file wp-includes/certificates/ca-bundle.crt

    Is there anything else that could cause this issue?

    Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    Hi David,

    I’m working on a complete refactor of OMGF, which no longer uses an API. So, that’ll resolve this SSL issue.

    The Download API has given me more headaches compared to the flexibility it offers, so… It was time πŸ™‚

    I’m hoping to release it by the end of this week!

    Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    Hi @germanprisoner,

    I wanted to notify you of the fact that OMGF v5 was released last week. It works without an API, so SSL related issues are non-existent as of now. πŸ™‚

    Give it a try?

    I’m using 5.1.0.
    I have serval sites with OMGF for my customers with no problem. Only one site got this error. I have a mirror of the site for testing. Testing works, production site not.
    Working: test.engelmann.de
    Not working: http://www.engelmann.de

    Difference? Some less, One SSL-Sertificate from Hosting (Strato), one from Let’s entrypted (test-site).

    Two plugins “Google Analytics” and “Anti-Malware-Sicherheit und Brute-Force-Firewall” are only on the production-site.

    Some suggestions what to do?

    Plugin Author Daan van den Bergh

    (@daanvandenbergh)

    What happens when you temporarily disable the Brute Force protection plugin and run a scan?

Viewing 15 replies - 1 through 15 (of 18 total)
  • You must be logged in to reply to this topic.