Fix: WordPress and plugins fail on update (SSL certificate problem: unable to get local issuer certificate)

If you are running an old version of WordPress, chances are you might encounter a problem updating to the newest version or when trying to update plugins.

I got this message when trying to update an old site:

"SSL certificate problem: unable to get local issuer certificate"

As far as I can understand from this helpful post the reason is that the WordPress team included a CA certificate check from version 3.7.0 - so this will cause WordPress to complain since you are not verifying the connection in your current version.

 

The fix:

Add these lines of code to the very end (otherwise will break your site) of your wp-config.php file located in your root directory:


add_filter('https_ssl_verify', '__return_false');
add_filter('https_local_ssl_verify', '__return_false');

 

Here is an example of how it should look like:

wordpress-ssl-problem-update

 

After updating, you should be able to remove these lines of code.

 

Edit: This might be a very common Xammp error. I have read several posts about issues with certificates in Xammp and my problem was also only occuring on my localhost where i run Xammp. Here is a related problem and a general fix

karsten@madsen.pw'

Karsten Madsen

I mostly write about ideas and concepts. My passion is bulding stuff for the future and how we can improve ethics in this world. On this site my writings will relate to my struggles in web development and technical SEO :)

  • Pingback: karsten.madsen on "[Plugin: BackWPup Free - WordPress Backup Plugin] SSL certificate problem: unable to get local issuer certificate" * Best Wordpress Themes - Reviews()

  • Appreciate the post on this one. Had this problem with the fetch_feed() function in WP.

  • Vikramjeet

    Thanks for the solution, it indeed was a XAMPP error. The above lines have successfully solved the problem.

  • Ricky

    Thanku very much @Karsten … you save my life..

  • Brenda Ledwith

    Thank you for this! I was just about ready to give up, crawl into a ball and cry but this fixed the issue perfectly! Legend 🙂

  • John Gallucci

    This is a workaround to the SSL problem, not a fix. Taking the wheels off of your car does not fix your flat tire.

    To correctly resolve this issue, you need to update the bundle certificates that come with WordPress. On Linux (specifically CentOS/RHEL) you can overwrite the bundled certificates with the ones on the root OS as follows:

    ln -sf /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /var/www/html/wp-includes/ca-bundle.crt
    ln -sf /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /var/www/html/wp-includes/certificates/ca-bundle.crt

    On Debian/Ubuntu the root certificates are located in /etc/ssl/certs/ca-certificates.crt
    There are many ways to “fix” this problem, but disabling security should not be one of them.

    • StuffieStephie

      Honestly I tried several of the “proper” fixes first and they just didn’t work in my case. Besides I was just trying to update on a local install so I could get back to testing. These code lines were removed as soon as the update was finished.

      Mange tak @Karsten Madsen!