Dreaded curl: (60) SSL certificate problem: self signed certificate in certificate chain

Warning NSFW::

I have followed setting up cloudflare origin, public and private keys for nginx

    listen   443;
    
    server_name xxx;

ssl    on;
    ssl_certificate /etc/nginx/ssl/bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/private_cloud.pem;

part of nginx config.

All my php curl tests fail with the 60) SSL certificate problem: self signed certificate in certificate chain error.

Even just doing command line curl does the same… see output below… any thoughts on this?

FYI the site works fine just internal cert issue which im assuming is causing curl to fail on php

[email protected]:/etc/nginx/ssl$ curl -v https://amateurgirlonline.com/

  • Trying 173.230.155.65…

  • TCP_NODELAY set

  • Connected to xxx (173.230.155.65) port 443 (#0)

  • ALPN, offering h2

  • ALPN, offering http/1.1

  • successfully set certificate verify locations:

  • CAfile: /etc/ssl/certs/ca-certificates.crt

CApath: /etc/ssl/certs

  • TLSv1.3 (OUT), TLS handshake, Client hello (1):

  • TLSv1.3 (IN), TLS handshake, Server hello (2):

  • TLSv1.2 (IN), TLS handshake, Certificate (11):

  • TLSv1.2 (OUT), TLS alert, Server hello (2):

  • SSL certificate problem: self signed certificate in certificate chain

  • stopped the pause stream!

  • Closing connection 0

curl: (60) SSL certificate problem: self signed certificate in certificate chain

More details here: https://curl.haxx.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not

establish a secure connection to it. To learn more about this situation and

how to fix it, please visit the web page mentioned above.

That would seem to be just a DNS propagation issue on your end. Your Cloudflare Origin certificate appears to be properly in place on your server and your site does load fine via Cloudflare. Make sure your encryption mode is “Full strict” and wait a bit until your resolver updates the records and you should be good to go.

This topic was automatically closed after 30 days. New replies are no longer allowed.