Plugin Author
mainwp
(@mainwp)
Can you go to your Dashboard and go to Status –> server (/wp-admin/admin.php?page=ServerInformation) and locate cURL SSL Version and let me know what that is and also what is in the Server Software section.
cURL SSL Version: OpenSSL/1.0.2k-fips
Server Software: Apache
Plugin Author
mainwp
(@mainwp)
A temporary workaround while you wait for your host is to tell your Dashboard to ignore SSL errors by going into Settings–>Advanced Settings and turning off Verify SSL certificate
Unfortunately, Settings–>Advanced Settings and turning off Verify SSL certificate does not work. My host keeps telling me its website/plugins issue, and they have done everything on their end… I’m confused
I’ve found that deleting DST Root CA X3 certificate from /wp-includes/certificates/ca-bundle.crt file helps on some hostings, but I’m getting another error Installation failed: Not expected HTTP response.
Certificate seems to be fine also, not sure why I’m getting expired certificate error in MainWP:
# openssl s_client -connect shelby**********templates.com:443 -servername shelby**********templates.com
CONNECTED(00000003)
depth=2 C = US, O = Internet Security Research Group, CN = ISRG Root X1
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = R3
verify return:1
depth=0 CN = *.shelby**********templates.com
verify return:1
---
Certificate chain
0 s:/CN=*.shelby**********templates.com
i:/C=US/O=Let's Encrypt/CN=R3
1 s:/C=US/O=Let's Encrypt/CN=R3
i:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
2 s:/C=US/O=Internet Security Research Group/CN=ISRG Root X1
i:/O=Digital Signature Trust Co./CN=DST Root CA X3
---
Server certificate
-----BEGIN CERTIFICATE-----
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
****************************************************************
-----END CERTIFICATE-----
subject=/CN=*.shelby**********templates.com
issuer=/C=US/O=Let's Encrypt/CN=R3
---
No client certificate CA names sent
Peer signing digest: SHA512
Server Temp Key: ECDH, P-256, 256 bits
---
SSL handshake has read 4809 bytes and written 457 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Plugin Author
mainwp
(@mainwp)
cURL SSL Version: OpenSSL/1.0.2k-fips
This needs to be at minimum 1.1. 1.1 was released 4 years ago and solved many issues
This seems to be a global problem with Let’s Encript certificates.
See here for a solution to this problem: https://wp-kama.com/note/error-making-request-wordpress
@tkama – thanks, your solution works great!
I found a wordpress plugin that fixed the Curl Error 60: SSL Certificate Problem: Certificate has expired error quickly and brilliantly!
See https://wordpress.org/plugins/ssl-certificate-manager/
I set the option to Use Newest cURL SSL Certificate. (Recommend!)