• Resolved chickster25

    (@chickster25)


    Hi
    I am getting an issue with failed scans and have recently changed my sites over to HTTPS

    Under the Tool > Diagnostics, I have found an error and not sure if it is relevant?

    X wp_remote_post() test back to this server failed! Response was: cURL error 60: SSL certificate problem: unable to get local issuer certificate

Viewing 9 replies - 1 through 9 (of 9 total)
  • wfdave

    (@wfdave)

    Hi @chickster25,

    This happens when cURL does not have a certificate authority.

    Can I have you follow these steps?

    1. Download cacert.pem from https://curl.haxx.se/ca/cacert.pem
    2. Open php.ini
    3. Change or add curl.cainfo = "/path/to/cacert.pem"
    4. Restart apache/httpd

    Dave

    Thread Starter chickster25

    (@chickster25)

    I dont think the SSL is the reason for the scan failing as i have another site with the same SSL problem but the scan completes.

    here is a copy of the log, when the scan failed during “File Changes”

    [Nov 21 12:54:23] Scanning contents: wp-content/uploads/2016/05/Baume-Mercier-Capeland-Mens-Watch-10062-0-0-150×150.jpg (Size: 3.79 KB Mem: 20 MB)
    [Nov 21 12:54:23] Scanning contents: wp-content/uploads/2016/04/B0058GZUM4-150×150.jpg (Size: 2.68 KB Mem: 20 MB)
    [Nov 21 12:54:23] Scanning contents: wp-content/uploads/2016/05/Skagen-Womens-Quartz-Watch-SKW2197-with-Metal-Strap-0-500×380.jpg (Size: 19.12 KB Mem: 20 MB)
    [Nov 21 12:54:24] Forking during malware scan (1058) to ensure continuity.
    [Nov 21 12:54:24] Entered fork()
    [Nov 21 12:54:24] Calling startScan(true)
    [Nov 21 12:54:24] Got value from wf config maxExecutionTime: 20
    [Nov 21 12:54:24] getMaxExecutionTime() returning config value: 20
    [Nov 21 12:54:24] Test result of scan start URL fetch: WP_Error::__set_state(array( ‘errors’ => array ( ‘http_request_failed’ => array ( 0 => ‘cURL error 60: SSL certificate problem: unable to get local issuer certificate’, ), ), ‘error_data’ => array ( ), ))
    [Nov 21 12:54:24] Starting cron via proxy at URL https://noc1.wordfence.com/scanp/www.#####.co.uk/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=1&scanMode=highsensitivity&cronKey=160428cba7b043f1b538feacdebfd9f3
    [Nov 21 12:54:25] Scan process ended after forking.

    Thread Starter chickster25

    (@chickster25)

    Thank you Dave, only just seen your update. I will give it a try

    Thread Starter chickster25

    (@chickster25)

    ive added the file to the root of wordpress and added this to the php.ini (in same location)

    curl.cainfo = “cacert.pem”

    Is this correct?

    Thanks

    wfdave

    (@wfdave)

    Yup that is correct. Let me know if it works.

    Thanks!

    Thread Starter chickster25

    (@chickster25)

    no, sadly the error is still present

    wp_remote_post() test back to this server failed! Response was: cURL error 60: SSL certificate problem: unable to get local issuer certificate

    wfdave

    (@wfdave)

    Oh I’m sorry, curl.cainfo must be an absolute path:

    curl.cainfo = "/path/to/cacert.pem"

    So for example, /home/my_certs/cacert.pem, make sure PHP has read access to that folder too.

    Dave

    Thread Starter chickster25

    (@chickster25)

    ok, so ive put this into the php.ini file

    curl.cainfo = “/www.domain.co.uk//web/cacert.pem”

    And placed it into the folder that also contains wp-admin, wp-content, wp-includes etc.. This is also where the cacert.pem file resides

    My FTP location says

    /www.domain.co.uk//web/

    So far the error is still present?

    wfdave

    (@wfdave)

    No that won’t work. Do you know the exact path on the filesystem where PHP can access cacert.pem?

    If your host is on Windows, it will be something like C:\path\to\cacert.pem

    Or if your host is on Linux, it might be /var/www/cacert.pem

    In either case, it needs to be an absolute path on the filesystem, not a domain URL.

    Dave

Viewing 9 replies - 1 through 9 (of 9 total)
  • The topic ‘Problem with Failed Scan’ is closed to new replies.