cancel
Showing results for 
Search instead for 
Did you mean: 

SSL Migration, PHP + CURL Tests Fail with Error

I am trying to test peer verification against the new certificate but it always fails with "SSL certificate problem: self signed certificate in certificate chain". This usually means that the CA file is invalid, but I am using the recommended cert: "DigiCert Global Root G2". Here are the calls:

$curl_request = curl_init($post_url);
curl_setopt($curl_request, CURLOPT_POSTFIELDS, json_encode($request));
curl_setopt($curl_request, CURLOPT_HEADER, 0);
curl_setopt($curl_request, CURLOPT_TIMEOUT, 45);
curl_setopt($curl_request, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl_request, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($curl_request, CURLOPT_CAINFO, getcwd() . '/auth_net_cert.pem');
curl_setopt($curl_request, CURLOPT_HTTPHEADER, Array("Content-Type: application/json"));
try
{
$jsonResponse = curl_exec($curl_request);
}
aksuska
Member
2 REPLIES 2

I was able to solve this by not specifying the CA file at:

curl_setopt($curl_request, CURLOPT_CAINFO, getcwd() . '/auth_net_cert.pem');

And instead relying on the OS having the appropriate CA chain installed. This issue is that the DigiCert chain includes a self signed certificate, which cannot be used in this manner. Self-signed certificates have to be manually added to the trust store used by the OS or SSL implementation because they are implicitly untrusted.

aksuska
Member

Hello aksuska,

As per below article the cert migration is yet to release: https://support.authorize.net/knowledgebase/Knowledgearticle/?code=KA-05545 

Regards,
Dipesh
Please DONOT submit any sensitive data
dipespat
Contributor

Type a product name