Operating System & Version
CentOS 6.10
cPanel & WHM Version
86.0.14

Nate Reist

Member
Jul 20, 2018
24
4
3
Michigan
cPanel Access Level
Root Administrator
I recently started getting errors when working with WP cli on the command line, but also PHP seems to be having the same issue. I'm not sure if this would be an OpenSSL issue and it not looking in the correct location for the public certificates:

Code:
Error: Failed to get url 'https://api.wordpress.org/core/checksums/1.0/?version=5.3.2&locale=en_US': cURL error 60: SSL: no alternative certificate subject name matches target host name 'api.wordpress.org'.
Note: I'm seeing the same issue on two separate servers running these versions of CentOS and cPanel/WHM.
 

cPanelLauren

Product Owner
Staff member
Nov 14, 2017
13,298
1,279
313
Houston
The documentation explains this pretty well here: curl - SSL CA Certificates as well as how to check. Is the error only occurring with WordPress?

There are also the articles listed here:
Fix CURL (51) SSL error: no alternative certificate subject name matches

cPanel has the following for this I believe /usr/local/cpanel/3rdparty/perl/530/lib/perl5/cpanel_lib/Mozilla/CA/cacert.pem but the mozilla bundle hasn't been updated since Jan 1 curl - Extract CA Certs from Mozilla

Composer certificate verify failed error - the ca-trust info could also need to be updated

There are also some other considerations to be made as well such as the following:



It's really difficult to tell you specifically where the issue lies with the information provided.
 

Nate Reist

Member
Jul 20, 2018
24
4
3
Michigan
cPanel Access Level
Root Administrator
Sorry, it this occurred the with WordPress command line tool wp cli . When running commands that pull data from the domain api.wordpress.org (downloading packages/verifying updates checksums) it gets that error. I also notice the error when websites on those server when they try to pull the RSS feed from WordPress.org ( in the browser, but over ajax - so the server is requesting the feed ) as well. I tested those commands locally and from other servers at that time though and didn't have the same issue. They were able to verify the peer certificate, so ti seems just the two servers in question weren't able to verify the certificate.

It seems to be sporadic though, this morning it is not occurring, and I can't test an issue that is not occuring :-\ so for now I'll just wait until it happens again try to diagnose it so I can provide you better information. Thanks for the info, I'll let you know if I find anything!
 
  • Like
Reactions: cPanelLauren