If you use cURL on your private machine or server you may experience some problems connecting to websites using https or redirecting you to a https version of the website. One example for this problem is the Facebook Graph API. XAMPP as an example doesn’t ship with any certificates so you have to fix this problem by yourself.
Now, many users just set
to false. However, this is not the correct way to do it, because it disables the certificate validation by it’s certificate authority. This exposes you to a man-in-the-middle attack.
Fixing this problem the right way is fairly easy. On the official cURL-site you can download up-to-date cerficate authorities here. I for one put the file into the same directory as my php.ini. If you have no idea where your php.ini is, then simply run the following command on the command line
For MAC OS X and XAMPP it would be
Now, with the help of the output, you can see where your php.ini is located. The output can look like this.
Configuration File (php.ini) Path: /Applications/XAMPP/xamppfiles/etc Loaded Configuration File: /Applications/XAMPP/xamppfiles/etc/php.ini Scan for additional .ini files in: (none) Additional .ini files parsed: (none)
From this output I can see that the php.ini would be located under
In this foler, I will now save the downloaded certificates and afterwards open the php.ini with my favorite text editor. Scroll down to the end of the file and add this line
curl.cainfo=<path-to>cacert.pem #In my case: /curl.cainfo=/Applications/XAMPP/xamppfiles/etc/cacert.pem
Hope it’s easy to understand and you fixed this problem now. Happy coding!