Problem
When fetching data from a website using Guzzle, I got this error:
1
| cURL error 60: SSL certificate problem: certificate has expired
|
Opening the same URL in Chrome worked fine. Checking the SSL certificate showed it was issued by COMODO RSA Organization Validation Secure Server CA. After some research, I found the Root CA certificate was missing on Linux.
First Attempt
I downloaded the certificate from the Comodo website and placed it under /etc/ssl/certs. Still got the same error.
Final Solution
Specify the certificate path directly in GuzzleHttp:
1
2
3
4
| use GuzzleHttp\Client;
$client = new Client(['verify' => '/path/to/cert.pem']);
$client->get('https://xx.xx.xx');
|
How to Do It in Laravel
If all HTTP requests need this certificate, bind it in AppServiceProvider:
1
2
3
4
5
6
7
8
9
10
11
12
| use GuzzleHttp\Client;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
public function register()
{
$this->app->bind(Client::class, function () {
return new Client(['verify' => '/path/to/cert.pem']);
});
}
}
|
If only a specific service needs it, use contextual binding:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
| use App\Services\GithubService;
use GuzzleHttp\Client;
use Illuminate\Support\ServiceProvider;
class AppServiceProvider extends ServiceProvider
{
public function register()
{
$this->app->when(GitHubService::class)
->needs(Client::class)
->give(function () {
return new Client(['verify' => '/path/to/cert.pem']);
});
}
}
|
This way only the Client injected into GitHubService will include the certificate — other usages remain unaffected.
