root@sclrdev:/home/sclr/certs/FreshCerts# curl --ftp-ssl --verbose ftp://{abc}/ -u trup:trup --cacert /etc/ssl/certs/ca-certificates.crt
* About to connect() to {abc} port 21 (#0)
*   Trying {abc}...
* Connected to {abc} ({abc}) port 21 (#0)
< 220-Cerberus FTP Server - Home Edition
< 220-This is the UNLICENSED Home Edition and may be used for home, personal use only
< 220-Welcome to Cerberus FTP Server
< 220 Created by Cerberus, LLC
> AUTH SSL
< 234 Authentication method accepted
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS alert, Server hello (2):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: http://curl.haxx.se/docs/sslcerts.html

curl performs SSL certificate verification by default, using a "bundle"
 of Certificate Authority (CA) public keys (CA certs). If the default
 bundle file isn't adequate, you can specify an alternate file
 using the --cacert option.
If this HTTPS server uses a certificate signed by a CA represented in
 the bundle, the certificate verification probably failed due to a
 problem with the certificate (it might be expired, or the name might
 not match the domain name in the URL).
If you'd like to turn off curl's verification of the certificate, use
 the -k (or --insecure) option.

当前回答

由于conda环境,一些系统可能存在此问题。如果你安装了conda,那么禁用它可以解决你的问题。在我的情况下,当我停用conda时,这个curl-SSL错误得到了解决。在ubuntu或MacOS上试试这个命令

conda deactivate

其他回答

关于“SSL证书问题:无法获得本地颁发者证书”错误。需要注意的是,这适用于发送CURL请求的系统,而不是接收请求的服务器。

Download the latest cacert.pem from https://curl.se/ca/cacert.pem Add the '--cacert /path/to/cacert.pem' option to the curl command to tell curl where the local Certificate Authority file is. (or) Create or add to a '.curlrc' file the line: cacert = /path/to/cacert.pem See 'man curl', the section about the '-K, --config <file>' section for information about where curl looks for this file. (or if using php) Add the following line to php.ini: (if this is shared hosting and you don't have access to php.ini then you could add this to .user.ini in public_html).

卷毛。cainfo = " - path / to / downloaded cacert pem。”

请确保将路径用双引号括起来!!

默认情况下,FastCGI进程将每300秒解析一次新文件(如果需要,您可以通过添加几个文件来改变频率https://ss88.uk/blog/fast-cgi-and-user-ini-files-the-new-htaccess/)。

这可以帮助你控制暴饮暴食:

$client = new Client(env('API_HOST'));
$client->setSslVerification(false);

测试在guzzle/guzzle 3.*

我通过在cURL脚本中添加一行代码解决了这个问题:

curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);

警告:这使得请求绝对不安全(参见@YSU的回答)!

它失败了,因为cURL无法验证服务器提供的证书。

有两个选项可以让它工作:

使用带-k选项的cURL,允许cURL建立不安全的连接,即cURL不验证证书。 将根CA(签署服务器证书的CA)添加到/etc/ssl/certs/ca-certificates.crt

您应该使用选项2,因为它是确保您连接到安全FTP服务器的选项。

我的方法是在旋度上加-k。 没必要把事情复杂化。

卷曲人:/ d.el。B /release/curl/date 1.20.0/binus/lynx / 64/ cubacal