Nico Deblauwe

cURL error 60 when using Laravel HTTP client: a solution

Created January 25, 2023

Maybe you are one of the lucky ones that didn't encounter it, but know that it can happen that you bump into cURL error 60: SSL certificate: unable to get local issuer certificate when using Laravel's built-in HTTP Client. Which is, under the hood, also used by many other packages (like the S3 connection). rzkqsUE.png Strangely, this error typically appears in local development environments only, and not on production servers...

What's happening?

The HTTP Client (that is depending on Guzzle, which in turn uses cURL) uses the system's certificate store to validate SSL certificates (while browsers use their own stores). When using self-signed certificates during development, it is recommended to create your own certificate authority (CA) and add it to your system's store.

The cURL error 60: SSL certificate: xxxx message is a sign that your Certification Authority Certificate file ("cacert.pem") on your local environment got too old (and became outdated). Or that it is not correctly linked.

Don't despair, the solution is simple!

There are two ways to solve this. The recommended fix is that you correctly link a recent Certification Authority Certificate. This is done as follows:

Alternatively, you can also disable verify_host and/or verify_peer, but you understand that if this change makes it into your development code, it probably will also get deployed in production, which is not recommended. But in case you'll want this quick fix, you should be looking at

$response = Http::withOptions([
    'debug' => true,
    'verifiy_host' => false,