I’m having an issue with a WordPress plugin whereby it’s returning the error ‘The SSL certificate for the host could not be verified.’. The endpoint it’s trying to connect to is paypal:
https://api-3t.paypal.com/nvp
If on the server command line I run:
curl -v https://api-3t.paypal.com/nvp
it returns ‘SLL certificate verify OK’, so I assume my cacert.pem file is up-to-date and it’s not an issue with the certificate files on the server. To rule this out I have tried copying the latest pem file from here: http://curl.haxx.se/ca/cacert.pem and directing php.ini to it but no change. Switching off https_ssl_verify using a wordpress filter does work, but obviously this doesn’t fix the actual problem and is a security vulnerability.
I notice in WordPress core files in class-http.php it points to it’s own ca-bundle.crt file which I’ve also tried updating:
‘sslcertificates’ => ABSPATH . WPINC . ‘/certificates/ca-bundle.crt’,
The path is correct and the file exists.
Stumped. Any suggestions?
