Support » Plugin: Duo Two-Factor Authentication » Last update breaks site with self signed SSL certificate

  • Resolved Bart


    Dou Security worked very well on my sites, but with the last version I get a lot of warnings and errors when I log in to my site. 🙁

    Warning: file_get_contents() [function.file-get-contents]: SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed in /home/overvloed/domains/my_domain/public_html/wp-content/plugins/duo-wordpress/duo_wordpress.php on line 401


    I looks like Duo Security developers forget that a lot of site owners use self signed certificates to encrypt there dashboard. 🙁

    Please fix this, e.g. with a option to switch off the SSL check.

    Thanks, Bart

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author Duo Security


    Hey, Bart!

    Thanks for the heads-up. We’re looking at this – and will be back to you soonest, as soon as we have more news and/or questions about this problem.

    Thanks for getting in touch – and for using Duo!

    Same here. Had to deactivate the plugin by renaming it via FTP. Looking forward to the fix.

    Plugin Author Duo Security


    This issue has been resolved in the newest version of our plugin (1.5.2)

    To give a basic idea of what caused this, we implemented certificate verification in the 1.5.1 update. Many distros do not contain a copy of the root certificate used by our service, so they failed to validate the certificate chain. We have included a copy of the root cert our service chains back to with the package to resolve this issue.

    Thanks for working out a solution for this. Great to work work with you guys!

    — Bart

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Last update breaks site with self signed SSL certificate’ is closed to new replies.