Why This Happens
cURL error 60 means the SSL certificate chain cannot be verified because the CA certificate bundle is missing or outdated. This is common on Windows or fresh server installations. The fix is to install a proper CA bundle, not to disable SSL verification which would create a security vulnerability.
The Problem
// DANGEROUS: Do not do this in production
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);The Fix
// Download cacert.pem from https://curl.se/ca/cacert.pem
// Then configure in php.ini:
// curl.cainfo = /path/to/cacert.pem
// Or set per-request:
curl_setopt($ch, CURLOPT_CAINFO, '/path/to/cacert.pem');
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);Step-by-Step Fix
- 1
Download the CA bundle
Download the latest CA certificate bundle from https://curl.se/ca/cacert.pem and save it to a known location on your server.
- 2
Configure PHP to use it
Set curl.cainfo in php.ini to point to the downloaded cacert.pem file, or set CURLOPT_CAINFO per request.
- 3
Never disable verification
Do not set CURLOPT_SSL_VERIFYPEER to false in production. This disables security and makes your application vulnerable to man-in-the-middle attacks.
Bugsly catches this automatically
Bugsly's AI analyzes this error pattern in real-time, explains what went wrong in plain English, and suggests the exact fix — before your users even report it.
Try Bugsly free