Monday, April 04, 2016

SSL certificate problem on Azure running PHP

So recently I was trying out a piece of code in PHP, and wanted to hit the Google reCaptcha server, but my curl requests all failed for some reason.

I then added an 'echo curl_error($curl);' to my code and was greeted with a "SSL certificate problem: unable to get local issuer certificate" error. Now this was much more meaningful, than a blindly failing curl request.

So here is how I fixed this issue:

Physical file configuration:

  1. Open your Azure file structure, perhaps using your favorite FTP client. I swear by FileZilla!
  2. In your site folder structure, create a folder say, "ini" under the "site" folder.
  3. Create another folder under the 'site' folder named 'ca'
  4. Go to https://curl.haxx.se/docs/caextract.html and download the 'cacert.pem' file. Place this file inside the 'ca' folder
  5. Inside 'ini' folder create a text file 'extensions.ini'
  6. Add the following line to the 'extensions.ini' file - "curl.cainfo=d:\home\site\ca\cacert.pem"
Azure Portal configuration:
  1. Head to your portal.azure.com account
  2. Refer to the documentation on how to configure custom PHP settings.
  3. Open the 'Application Settings' page for your offending Web App.
  4. On this page, under 'App Settings', set 'PHP_INI_SCAN_DIR' to 'd:\home\site\ini'
  5. Remember to hit 'Save' on top of this page, and then restart this Web App.

Wait for a few seconds, and try opening your web page again. My error vanished at this pointed and I was back in business!

Hope this helps someone out there reading this page.