How to resolve cURL SSL Certificate Verification Errors on Windows Servers May 26, 2025

May 26, 2025 / SSL

If your cURL requests are failing to connect to SSL-enabled (HTTPS) endpoints and you’re seeing an error like:

cURL error: SSL: certificate verification failed

This typically indicates an issue with the cURL CA certificate (cacert.pem) file, either due to a missing file path configuration or an outdated certificate bundle.

This article provides step-by-step instructions for resolving the issue on shared and dedicated Windows hosting environments.

Reason:
This error is usually caused by one of the following:

  • The cacert.pem file is missing or outdated.
  • The php.ini configuration file does not reference the correct location of the cacert.pem file.
  • SSL verification is failing due to improper setup.

Important Note:
As a temporary workaround, you can disable SSL verification using the following PHP cURL setting:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

Warning: This method is insecure and not recommended for production environments, as it bypasses SSL certificate validation.

Solution:

For Shared Windows Hosting

  1. Log in to your Control Panel and navigate to File Manager.
    file manager
  2. Locate your php.ini file at the site level.
    php.ini
  3. Edit your php.ini file and ensure the following line points to the correct path: 
    curl.cainfo = “D:\PHP\cacert.pem”
  4. Also, update the following values for consistency: 
    openssl.cafile = “D:\PHP\cacert.pem”
openssl.capath = “D:\PHP\”
  5. Save the file and test your cURL request again.
    save changes

For Dedicated Windows Servers

  1. Connect to your server via RDP (Remote Desktop).
  2. Navigate to the PHP installation directory. For example: 
    C:\PHP\
  3. Open the relevant php.ini file for the PHP version you are using.
  4. Update the following lines: 
    curl.cainfo = “C:\PHP\cacert.pem”
openssl.cafile = “C:\PHP\cacert.pem”
openssl.capath = “C:\PHP\”
  5. Restart your web server or PHP process for the changes to take effect.

Download the Latest cacert.pem File
If you still face issues, your cacert.pem file might be outdated. Download the latest version from the official cURL site:

  1. Replace the existing cacert.pem file in your PHP directory.
  2. Or rename the old file and copy the new one in its place.
  3. Retry your cURL request.

By ensuring the correct path to the cacert.pem file and keeping it updated, you can resolve most cURL SSL verification errors in Windows-based environments. Avoid disabling SSL verification unless you are testing in a secure, local environment.

Spread the love
Tagged:

Related Articles

How to Use AutoSSL in cPanel to Install an SSL Certificate

April 21, 2025

How to Generate a CSR and Install an SSL Certificate in Plesk

February 4, 2025

How to resolve website access issues after SSL installation

August 25, 2024

How to run AutoSSL in SSL/TLS

July 18, 2024
Posted in: SSL Tagged with: