Curl error: Failed to connect to 103.16.101.52 port 8080: Connection refusedresource(4) of type (mysql result) code snippets works in localsystem. It's not working prod enviornment. Php curl snippet. Linux curl command Updated: by Computer Hope The curl command transfers data to or from a network server, using one of the supported protocols ( HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, DICT, TELNET, LDAP or FILE).
I am getting the following error using curl:
How do I set this certificate verify locations? Thanks.
Josh8,96499 gold badges5656 silver badges9797 bronze badges
moorecatsmoorecats1,11233 gold badges1111 silver badges2121 bronze badges
22 Answers
This error is related to a missing package:
ca-certificates
. Install it.In Ubuntu Linux (and similar distro):
In CygWin via Apt-Cyg
In Arch Linux (Raspberry Pi)
The documentation tells:
This package includes PEM files of CA certificates to allow SSL-based applications to check for the authenticity of SSL connections.
As seen at: Debian -- Details of package ca-certificates in squeeze
Ionică Bizău61.9k5858 gold badges212212 silver badges369369 bronze badges
Rubens MariuzzoRubens Mariuzzo18.9k2121 gold badges100100 silver badges141141 bronze badges
![Curl Error #:error Setting Certificate Verify Locations Curl Error #:error Setting Certificate Verify Locations](/uploads/1/2/5/8/125826960/563918732.png)
I also had the newest version of ca-certificates installed but was still getting the error:
The issue was that curl expected the certificate to be at the path
/etc/pki/tls/certs/ca-bundle.crt
but could not find it because it was at the path /etc/ssl/certs/ca-certificates.crt
.Copying my certificate to the expected destination by running
worked for me. You will need to create folders for the target destination if they do not exist by running
If needed, modify the above command to make the destination file name match the path expected by curl, i.e. replace
Scott EmmonsScott Emmons/etc/pki/tls/certs/ca-bundle.crt
with the path following 'CAfile:' in your error message.1,57522 gold badges99 silver badges99 bronze badges
Put this into your
.bashrc
(see comment from Robert)
Yauhen YakimovichYauhen Yakimovich9,50555 gold badges5050 silver badges5959 bronze badges
Create a file
~/.curlrc
with the following contentprabeeshprabeesh
The quickest way to get around the error is add on the -k option somewhere in your curl request. That option 'allows connections to SSL cites without certs.' (from curl --help)
Be aware that this may mean that you're not talking to the endpoint you think you are, as they are presenting a certificate not signed by a CA you trust.
For example:
gave me the following error response:
I added on -k:
and no error message. As a bonus, now I have apt-cyg installed. And ca-certificates.
10gistic10gistic
@roens is correct. This affects all Anaconda users, with below error
curl: (77) error setting certificate verify locations: CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none
The workaround is to use the default system curl and avoid messing with the prepended Anaconda
PATH
variable. You can either - Rename the Anaconda curl binary :)
mv /path/to/anaconda/bin/curl /path/to/anaconda/bin/curl_anaconda
- OR remove Anaconda curl
conda remove curl
$ which curl/usr/bin/curl
[0] Anaconda Ubuntu curl Github issuehttps://github.com/conda/conda-recipes/issues/352
Harsha ManjunathHarsha Manjunath
Mark Fox5,45777 gold badges4242 silver badges7070 bronze badges
Puri-iOS DeveloperPuri-iOS Developer
This worked for me
then go into the certificates folder at
then you copy the ca-certificates.crt file into the
/etc/pki/tls/certs
if there is no tls/certs folder: create one and change permissions using chmod 777 -R folderNAME
Opal56.5k2121 gold badges118118 silver badges133133 bronze badges
Kwame YeboahKwame Yeboah
Another alternative to fix this problem is to disable the certificate validation:
Pablo R. MierPablo R. Mier48011 gold badge55 silver badges1313 bronze badges
For PHP code running on XAMPP on Windows I found I needed to edit php.ini to include the below
and then copy to a file https://curl.haxx.se/ca/cacert.pem and rename to curl-ca-bundle.crt and place it under xampp path (I couldn't get curl.capath to work). I also found the CAbundle on the cURL site wasn't enough for the remote site I was connecting to, so used one that is listed with a pre-compiled Windows version of curl 7.47.1 at http://winampplugins.co.uk/curl/
LJTLJT88622 gold badges1616 silver badges2424 bronze badges
curl performs
SSL
certificate verification by default, using a 'bundle' of Certificate Authority (CA)
public keys (CA certs). The default bundle is named curl-ca-bundle.crt; you can specify an alternate file using the --cacert option.If this
HTTPS
server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL).If you'd like to turn off curl's verification of the certificate, use the -k (or
--insecure
) option.for example
medameda40.6k1111 gold badges7373 silver badges114114 bronze badges
It seems your curl points to a non-existing file with CA certs or similar.
For the primary reference on CA certs with curl, see: https://curl.haxx.se/docs/sslcerts.html
Daniel StenbergDaniel Stenberg33.7k1010 gold badges7272 silver badges130130 bronze badges
For what it's worth, checking
which curl
is being run is significant too.A user on a shared machine I maintain had been getting this error. But the cause turned out to be because they'd installed Anaconda (http://continuum.io). Doing so put Anaconda's binary path before the standard
$PATH
, and it comes with its own curl
binary, which had trouble finding the default certs that were installed on this Ubuntu machine.roensroens
I had the exact same problem. As it turns out, my
/etc/ssl/certs/ca-certificates.crt
file was malformed. The last entry showed something like this:After adding a newline before
-----END CERTIFICATE-----
, curl was able handle the certificates file.This was very annoying to find out since my
update-ca-certificates
command did not give me any warning.This may or may not be a version specific problem of curl, so here is my version, just for completeness:
ShrimpPhaserShrimpPhaser
Run following command in git bash that works fine for me
J4cKJ4cK22.7k66 gold badges3434 silver badges4949 bronze badges
If you're using homebrew on macOS or linuxbrew in linux, try to reinstall the
openssl
and curl
with the following steps from this page.This error message indicates that curl is not able to establish a secure connection using openssl. A reinstall of openssl should fix the problem. To temporarily make use of an insecure connection for both curl and git to download any necessary files, run:
Then, install or reinstall openssl and curl:
Finally, undo the security changes to make curl and git use secure connections again:
You may need to start a new shell session to verify the result with
If it shows the following output in output, the problem should be resolved!
References:
ItachiItachi2,98222 gold badges2121 silver badges5151 bronze badges
Just create the folders, which is missing in your system..
/etc/pki/tls/certs/
and create the file using the following command,
sudo apt-get install ca-certificates
and then copy and paste the certificate to the destination folder, which is showing in your error.. mine was '
with message 'error setting certificate verify locations: CAfile: /etc/pki/tls/certs/ca-bundle.crt CApath: none' in
' make sure you paste the file to the exact location mentioned in the error. Use the following command to copy paste..sudo cp /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt
Fixed.
Manu R SManu R S
The error is due to corrupt or missing SSL chain certificate files in the PKI directory. You’ll need to make sure the files ca-bundle, following steps:In your console/terminal:
Enter this site: https://rpmfind.net/linux/rpm2html/search.php?query=ca-certificates , get your ca-certificate, for SO.Copy url of download and paste in url: wget your_url_donwload_ca-ceritificated.rpmnow, install yout rpm:
now restart your service:my example this command:
Santos L. VictorSantos L. Victor
pheeleeppoo1,07911 gold badge1717 silver badges2222 bronze badges
Reza FarshiReza Farshi
I found this fix to be an easy and secure fix.It just involves changing the path of two values in the
php.ini
file.Follow the instructions here:https://ourcodeworld.com/articles/read/196/xampp-wampp-php-ssl-certificate-error-unable-to-get-local-issuer-certificateWill WardWill Ward
Bellow describe the steps to fixed the issues.
1. Find out the file is exists on the define url.
2. If not then download the file from the url. https://curl.haxx.se/ca/cacert.pem
3. Copy and pest the file into the defined path on php.ini file.
4. Restart the apache service.
1. Find out the file is exists on the define url.
2. If not then download the file from the url. https://curl.haxx.se/ca/cacert.pem
3. Copy and pest the file into the defined path on php.ini file.
4. Restart the apache service.
tapas talukdertapas talukder
I had this problem and it turned out my version of CURL couldn't parse DER-encoded certificates (and wasn't paying attention to the --cert-type option either). When I converted the certificate to PEM format it worked.
Joshua DaviesJoshua Davies
protected by Community♦Aug 20 '16 at 18:47
Thank you for your interest in this question. Because it has attracted low-quality or spam answers that had to be removed, posting an answer now requires 10 reputation on this site (the association bonus does not count).
Would you like to answer one of these unanswered questions instead?
Would you like to answer one of these unanswered questions instead?