Error making API request: SSL certificate problem: certificate has expired
What is the issue you’re encountering
I use Turnstile on my website, which has been working fine for about half a year. Now I suddenly get an error message “Error making API request: SSL certificate problem: certificate has expired”. I made no changes to my site’s coding, and my site’s SSL certificates are up to date and won’t expire until next year, so I don’t know why I’m suddenly getting this error…
Thanks for your reply, my site is not hosted on Cloudflare, I just use Turnstile for spam protection. Can you clarify what you mean by “encryption mode”?
All right, in that case the question for the encryption is irrelevant. Can you still post a screenshot, as I am not sure which certificate you are referring to.
That was me sending a test message through my own contact form. On the first page with the contact form, the Turnstile widget is loading fine, and I get a checkbox for being human. On the second page, when the message is being sent, I’m getting this error message. It looks like some kind of error is being generated that does not allow the message to pass through.
This will be some server issue, maybe you need to update your server-side CA certificates, but I am afraid that’s something you need to debug on your server. Cloudflare won’t be involved here, challenges.cloudflare.com loads fine on HTTPS.
Ok, my webhost has confirmed that my site’s SSL certificates are correct. Is there anything else I can do? I’m confused that the widget works fine and displays the checkmark, but on the next page where the server-side verification is, I’m getting the error. Has anything changed about the way I need to implement the captcha verification in the last two weeks?
If I can’t figure this out, I suppose I have no choice but to look for a new captcha provider, which would be very annoying. I really liked Turnstile up to this point, so I hope I can resolve the issue.
One thing that might be noteworthy: The last new signup on my site (using Turnstile) was on July 17th. The certificate for challenges.cloudflare.com was renewed on July 17th. This would line up perfectly with the time the issues started for me.
This won’t be an issue with your site’s certificate but, as mentioned, most probably with root CAs. I am afraid this really is something for your webmaster or host to debug.
As @sandro already explained, this most probably is not an issue of your website’s SSL/TSL certificate, but the CA certificates on the server your code is running on. If you find another CAPTCHA provider and do some sort of server-side verification, you’ll most likely run into the same issue if that other provider also provides an API. I would suggest you try to update your servers certificates or try not to suppress certificate verification (e.g. via curl using -k curl - How To Use).
