How to resolve cURL SSL Certificate Verification Errors on Windows Servers

May 26, 2025 / SSL

If your cURL requests are failing when connecting to HTTPS URLs and you receive an error such as:

cURL error: SSL: certificate verification failed

This usually indicates an issue with the CA certificate bundle (cacert.pem) used by cURL to verify SSL certificates. The problem may occur due to incorrect file paths in php.ini or an outdated cacert.pem file.

This guide explains how to fix the issue on shared Windows hosting and dedicated/Windows VPS servers.

Common reasons for the error:

cURL SSL verification typically fails due to:

  • Missing or outdated cacert.pem file
  • Incorrect path configuration in php.ini
  • OpenSSL is not able to locate the CA certificate bundle
  • Improper SSL verification settings

Important Note:
As a temporary workaround, you can disable SSL verification using the following PHP cURL setting:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

Warning: This is insecure and should never be used in production, as it bypasses essential SSL security checks.

Solution:

For Shared Windows Hosting

  1. Log in to your Control Panel and open File Manager.
  2. Locate your php.ini file at the website level.
  3. Edit php.ini and ensure the following lines point to the correct path:
curl.cainfo = "D:\PHP\cacert.pem"
openssl.cafile = "D:\PHP\cacert.pem"
openssl.capath = "D:\PHP\"
  • Save the file and re-test your cURL request.

 

For Dedicated Windows Servers

  1. Connect to your server via RDP (Remote Desktop).
  2. Navigate to the PHP installation directory. For example:
    C:\PHP\
  3. Open the relevant php.ini file for the PHP version you are using.
  4. Update the following lines:
    curl.cainfo = “C:\PHP\cacert.pem”
    openssl.cafile = “C:\PHP\cacert.pem”
    openssl.capath = “C:\PHP\”
  5. Restart your web server or PHP process for the changes to take effect.

Download the Latest cacert.pem File
If you still face issues, your cacert.pem file might be outdated. Download the latest version from the official cURL site:

  1. Replace the existing cacert.pem file in your PHP directory.
  2. Or rename the old file and copy the new one in its place.
  3. Retry your cURL request.

The majority of cURL SSL certificate verification problems are caused by an out-of-date or incorrect cacert.pem file. In both shared and dedicated Windows hosting situations, the problem can be remedied by making sure the path is right and updating the file.

Managing SSL certificates and secure server connections?
A Windows VPS Hosting solution provides administrator access and the flexibility needed to manage certificates, security settings and Windows server configurations.

Disabling SSL verification should only be done for controlled testing.

Spread the love