Applicable to:
- Plesk for Linux
- Plesk for Windows
-
A website or PHP scripts show the following error:
CONFIG_TEXT: cURL error (77): Problem with the SSL CA cert (path? access rights?)cURL error (77): Problem with the SSL CA cert (path? access rights?)
CONFIG_TEXT: Error : "error setting certificate verify locations: CAfile: C:\Parallels\Plesk\Additional\PHPSettings\cacert.pem CApath: none"
CONFIG_TEXT: cURL error 77: error setting certificate verify locations: CAfile: /etc/ssl/certs/cacert.pem CApath: /etc/ssl/certs
-
On Plesk for Windows the Extensions menu may show the following error when trying to open it:
PLESK_ERROR: error setting certificate verify locations: CAfile: C:\Program Files (x86)\Plesk\admin\conf\cacert.pem CApath: none
Cause
PHP cURL uses an outdated set of root certificates to verify server certificates.
Resolution
-
Install
Panel.ini Editorextension: Extensions > Server Tools section > Panel.ini Editor. -
Go to Extensions > My Extensions > Panel.ini Editor (Go To Extension) > Editor.
-
Add records below to the editor and Save changes:
CONFIG_TEXT: [php]
curlCertificatesUrl="http://curl.haxx.se/ca/cacert.pem"
-
Wait until Daily task is executed (It is executed once a day).
-
Go to Domains > example.com > PHP Settings and add the line below into Additional configuration directives. Replace path to
cacert.pemwith your own path.CONFIG_TEXT:
curl.cainfo="C:\Program Files (x86)\Plesk\Additional\PHPSettings\cacert.pem"
If it is required to apply the changes for all the domains using a particular PHP version go to Tools & Settings > PHP Settings> %php_version%, click on php.ini tab and add the aforementioned line:
-
Log in to the server via RDP.
-
Download the
cacert.pemfile from the main curl website http://curl.haxx.se/ca/cacert.pem. -
Open
[%plesk_dir%](https://support.plesk.com/hc/en-us/articles/213903325))admin\conf\panel.inifile (create it if does not exist)Note: %plesk_dir% by default is C:\Program Files (x86)\Plesk\
-
Add below directive to
panel.ini.CONFIG_TEXT: [php]
curlCertificatesUrl="http://curl.haxx.se/ca/cacert.pem -
Place downloaded cacert.pem to
[%plesk_dir%](https://support.plesk.com/hc/en-us/articles/213903325)Additional\PHPSettings\directory. -
Wait until Daily task is executed (It is executed once a day).
-
Connect to the server using SSH.
-
Download the CA certificate store from the official cURL website and move it to the directory
/etc/ssl/certs/:# wget https://curl.haxx.se/ca/cacert.pem && mv cacert.pem /etc/ssl/certs/
-
Log into Plesk.
-
Go to Tools & Settings > PHP Settings > select the required PHP version > php.ini.
-
Add the following line into the end of the file:
CONFIG_TEXT: curl.cainfo="/etc/ssl/certs/cacert.pem"
-
Click OK to save the file
Comments
9 comments
Is there a scheduled task which replaces the cacert.pem every night? Because if I replace the file with one I recently downloaded, all is working fine. But after one day the same error is existing again. Only replacing again helps.
@Fabian, Yes. Take a look at https://support.plesk.com/hc/en-us/articles/115003221993-Why-cacert-pem-file-is-being-overwritten-with-old-certificate-permanently-
You the best!!!!!!!
Anything for Centos 7 on this issue?
Same problem but with centOS, what is the solution for centOS?
Many thanks!
@Kevin Houghton from Web Enthusiasts, @Alessandro Diamantakidis,
For the particular domain:
1. Connect to the server using SSH.
2. Download the CA certificate store from the official cURL website and move it to the directory
/etc/ssl/certs/:3. Log into Plesk.
4. Go to Domains > example.com > PHP Settings.
5. Add the following line into the field Additional configuration directives:
6. Click OK or Apply to save the changes.
For all domains under particular PHP version:
1. Log into Plesk.
2. Go to Tools & Settings > PHP Settings > select the required PHP_version > php.ini.
3. Add the following line into the end of the field:
@Anzhelika Khapaknysh
It worked for me !
Thanks a lot dear Anzhelika.
@Anzhelika Khapaknysh @Kevin Houghton from Web Enthusiasts, @Alessandro Diamantakidis,
It is not working for me. Do you have an other solution to fix this? After two days of searching for a solution, I give up. :(
Thank you in advance
Hello Jadui_NL
In case none of this solution helped, I would suggest contacting technical support.
Depending on where Plesk license was purchased, you may submit a support request directly to Plesk or to the company the license was purchased from.
Please sign in to leave a comment.