Google Analytics Dashboard for WP authentication not possible

This is how you edit a file in hostgator: https://support.hostgator.com/articles/cpanel/how-to-createeditdelete-a-file-using-the-file-manager

You will need to replace the code from test.php file with the above code.

OK, I will let you know the outcome ??

OK, done. This is the error log:
Last Error: exception ‘Google_IOException’ with message ‘HTTP Error: (0) Problem with the SSL CA cert (path? access rights?)’ in /home3/golfhsp/public_html/wp-content/plugins/google-analytics-dashboard-for-wp/tools/src/io/Google_CurlIO.php:123
Stack trace:
#0 /home3/golfhsp/public_html/wp-content/plugins/google-analytics-dashboard-for-wp/tools/src/auth/Google_OAuth2.php(103): Google_CurlIO->makeRequest(Object(Google_HttpRequest))
#1 /home3/golfhsp/public_html/wp-content/plugins/google-analytics-dashboard-for-wp/tools/src/Google_Client.php(127): Google_OAuth2->authenticate(Array, ‘4/3yQuH16X0IvT9…’)
#2 /home3/golfhsp/public_html/wp-content/plugins/google-analytics-dashboard-for-wp/admin/ga_dash_settings.php(572): Google_Client->authenticate(‘4/3yQuH16X0IvT9…’)
#3 [internal function]: GADASH_Settings::general_settings(”)
#4 /home3/golfhsp/public_html/wp-includes/plugin.php(429): call_user_func_array(Array, Array)
#5 /home3/golfhsp/public_html/wp-admin/admin.php(217): do_action(‘toplevel_page_g…’)
#6 {main}

What’s next?

A curl.log file was generated along test.php. Open curl.log from here:

https://golf-hotspots.com/curl.log

You’ll see a warning on SSL verify and that the CA path is none! The same error as the one reported by my plugin.

Send that to hostgator.

OK, Thank you. Let’s see what Hostgator has to say.

Hostgator answered:
HI Michaela,

We have been looking further into this with the test script and our research shows that the CA Path is not necessary when the CA file is present:

/etc/pki/tls/certs/ca-bundle.crt

According to https://www.php.net/manual/en/context.ssl.php:

capath? string: If? cafile? is not specified or if the certificate is not found there, the directory pointed to by? capath? is searched for a suitable certificate.? capath? must be a correctly hashed certificate directory.

Furthermore, that can also be specified in the settigns such that it won’t say CA path none:

curl_setopt($curl, CURLOPT_CAPATH, ‘/etc/pki/tls/certs/’);

Here’s the log output when we ran it that way:

* About to connect() to https://www.google.com port 443 (#0)
* Trying 74.125.198.104…
* connected
* Connected to https://www.google.com (74.125.198.104) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: /etc/pki/tls/certs/ca-bundle.crt
CApath: /etc/pki/tls/certs/
* SSL connection using ECDHE-RSA-AES128-GCM-SHA256
* Server certificate:

Can’t figure out what’s wrong, as long as curl returns an error there’s nothing i can do. I don’t have a hostgator account to drive more detailed tests.

If they find anything wrong they can submit a bug for Google API PHP Client here https://github.com/google/google-api-php-client/pulls?state=open.

I can’t submit it because I can’t replicate the error on none of my hosting providers.

I was able to clear this error & authenticate the analytics account with the collowing:

1. SSH to site root
2. wget https://curl.haxx.se/ca/cacert.pem
3. Open wp-config.php
4. At end add:
define(“curl.cainfo”,”/cacert.pem”);

Had to do it this way on Hostgator, since the php.ini file was untouchable & I didn’t want to break wordpress with a generic ini file.

This only helped the google plugin; the dashboard RSS widget displays the same path?.., error. Doh!

Good Luck.

Is this a secure solution, since the https://curl.haxx.se/ca/cacert.pem is public anyway?

Thanks,
Dave