Archive for February, 2012
Windows, PHP, cURL SSL certificate problem.
3 months ago
by engin
in programming
When you use a library that wraps an API (Facebook PHP SDK, AWS PHP SDK), it often boils down to cURL at the core. These libraries usually communicate over SSL by default, so any call you make through them involves a cURL request over an SSL connection. The problem is that cURL no longer ships a CA certificate bundle, so the SSL certificates of the sites the requests are addressed to cannot be verified.
For instance, with AWS PHP SDK, you’ll get the following error if your cURL setup is not fixed:
Fatal error: Uncaught exception 'cURL_Exception' with message 'cURL resource: Resource id #10; cURL error: SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (cURL error code 60). See http://curl.haxx.se/libcurl/c/libcurl-errors.html for an explanation of error codes.' in C:\Users\Engin\Code\PHP\unuttumbile\AWSSDKforPHP\lib\requestcore\requestcore.class.php:824
Stack trace:
#0 C:\Users\Engin\Code\PHP\unuttumbile\AWSSDKforPHP\services\s3.class.php(895): RequestCore->send_request()
#1 C:\Users\Engin\Code\PHP\unuttumbile\AWSSDKforPHP\services\s3.class.php(1125): AmazonS3->authenticate('php-sdk-getting...', Array)
#2 C:\Users\Engin\Code\PHP\unuttumbile\AWSSDKforPHP\_samples\cli-s3_get_urls_for_uploads.php(60): AmazonS3->create_bucket('php-sdk-getting...', 's3-us-west-1.am...')
#3 {main}
thrown in C:\Users\Engin\Code\PHP\unuttumbile\AWSSDKforPHP\lib\requestcore\requestcore.class.php on line 824
cURL explains the situation in depth here.
2 step easy solution:
- Generate the CA bundle yourself using the scripts provided by cURL: either mk-ca-bundle.pl (Perl) or mk-ca-bundle.vbs (Windows Shell). Then copy it to c:\Windows just for convenience.
    Engin@Engin-VAIO ~
    $ perl mk-ca-bundle.pl
    Downloading 'certdata.txt' ...
    Processing 'certdata.txt' ...
    Done (137 CA certs processed, 32 untrusted skipped).
    Engin@Engin-VAIO ~
    $ cp ca-bundle.crt /cygdrive/c/Windows/ -vf
    `ca-bundle.crt' -> `/cygdrive/c/Windows/ca-bundle.crt'
- Then add the following line to the [PHP] section of your php.ini. Note that this configuration option is available since PHP 5.3.7. See the not-so-detailed info.
    [PHP]
    curl.cainfo = c:\windows\ca-bundle.crt
- Restart your HTTP server and you’re done.
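To confirm the setup after the restart, the following added example (not part of the original post or of any SDK) checks that curl.cainfo points at a readable PEM bundle, counts its certificates, and then makes one request with peer and host verification switched on. It assumes PHP 7 or later with the curl and openssl extensions loaded; `inspect_ca_bundle()` is a hypothetical helper and `https://example.com/` is a placeholder endpoint.

```php
<?php
// Added example: sanity-check the CA bundle configured via curl.cainfo.

/** Hypothetical helper: count the PEM certificates in a bundle and flag bad ones. */
function inspect_ca_bundle(string $path): array
{
    if (!is_readable($path)) {
        throw new RuntimeException("CA bundle not readable: $path");
    }
    $pem = file_get_contents($path);
    // mk-ca-bundle writes one PEM block per CA, separated by comment lines.
    preg_match_all('/-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----/s', $pem, $m);

    $report = ['total' => 0, 'unparsable' => 0, 'expired' => 0];
    foreach ($m[0] as $cert) {
        $report['total']++;
        $info = openssl_x509_parse($cert);
        if ($info === false) {
            $report['unparsable']++;          // truncated or corrupted block
        } elseif ($info['validTo_time_t'] < time()) {
            $report['expired']++;             // stale bundle: regenerate it
        }
    }
    return $report;
}

$bundle = ini_get('curl.cainfo');             // the php.ini setting from this post
if ($bundle === false || $bundle === '') {
    exit('curl.cainfo is not set in ' . php_ini_loaded_file() . "\n");
}
$r = inspect_ca_bundle($bundle);
printf("%s: %d certs, %d unparsable, %d expired\n",
    $bundle, $r['total'], $r['unparsable'], $r['expired']);
if ($r['total'] === 0) {
    exit("Bundle contains no certificates; verification would always fail.\n");
}

// One request with verification explicitly on (placeholder URL, assumption).
$ch = curl_init('https://example.com/');
curl_setopt_array($ch, [
    CURLOPT_NOBODY         => true,
    CURLOPT_RETURNTRANSFER => true,
    CURLOPT_SSL_VERIFYPEER => true,           // validate the chain against the bundle
    CURLOPT_SSL_VERIFYHOST => 2,              // certificate must match the host name
]);
if (curl_exec($ch) === false) {
    // Error 60 here means the bundle still is not being picked up.
    printf("cURL error %d: %s\n", curl_errno($ch), curl_error($ch));
} else {
    echo "Certificate chain verified against the configured bundle.\n";
}
curl_close($ch);
```

Run it with the same php.ini your web server loads; the CLI and the server module can read different files.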