I have a Laravel project in which I'm using the GoCardless API with the PHP Client wrapper from https://github.com/gocardless/gocardless-pro-php. I have set it up very simply like so.
<?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use GoCardlessPro\Client;
class PaymentController extends Controller
{
/**
* Display the index page where we begin a payment flow.
*/
public function index(Request $request)
{
// Create a new instance of the GoCardLess Client.
$client = new Client([
'access_token' => config('gocardless.token'),
'environment' => config('gocardless.environment')
]);
$customers = $client->customers()->list();
dd($customers);
}
}
However, whenever I attempt to make an API call I get the following error.
cURL error 60: SSL certificate problem: certificate has expired (see https://curl.haxx.se/libcurl/c/libcurl-errors.html) for https://api-sandbox.gocardless.com/customers
I am using Laragon on my local machine, and one thing two things that provides are:
- Pretty URLs using Virtual Hosts
- SSL certificates for your URLs
I feel the issue lies in the fact that the Laragon SSL certificate is self signed.
Here is the folder with the related items.
I found a related issue on GitHub -> https://github.com/gocardless/gocardless-pro-php/issues/126
However, I spoke to a GoCardless developer and they said the following:
For the SSL issue this is most likely an issue on your localhost or Laravel - It's possible that if you still have the expired root CA cert in your trust store then OpenSSL is building a path to the bad CA cert and therefore considering it expired when it shouldn't be. See this post for details: https://www.openssl.org/blog/blog/2021/09/13/LetsEncryptRootCertExpire/ Our team ran into this issue on some of our machines which were running OpenSSL 1.0.2, as an example I use Mamp to run my PHP, after updating Mamp and homebrew it subsequently updated openssl
I went to the Laragon discussion form and was pointed in the direction of this link: https://forum.laragon.org/topic/1472/curl-error-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate/2
Essentially I just updated my
cacert.pemwith the link provided. The file in question is located hereC:\laragon\etc\ssl\cacert.pem.If anything, the difference I saw was the addition of the following: