- Greetings,We are trying to get the constant contact plugin working with our site, it installs without issue, but when the plugin is activated we were getting an ‘HTTP Error 500’ when attempting to create a new page, post, contact form, or even edit an existing page. Once the ConstantContact plugin is disabled the error stops happening.With WP debugging turned on we see the following:
Fatal error: Uncaught exception ‘GuzzleHttpRingExceptionRingException’ with message ‘cURL error 60: SSL certificate problem: unable to get local issuer certificate’ in E:WordPresswp-contentpluginsconstant-contact-formsvendorconstantcontactguzzlehttpringphpsrcClientCurlFactory.php:127 Stack trace: #0 E:WordPresswp-contentpluginsconstant-contact-formsvendorconstantcontactguzzlehttpringphpsrcClientCurlFactory.php(91): GuzzleHttpRingClientCurlFactory::createErrorResponse(Array, Array, Array) #1 E:WordPresswp-contentpluginsconstant-contact-formsvendorconstantcontactguzzlehttpringphpsrcClientCurlHandler.php(96): GuzzleHttpRingClientCurlFactory::createResponse(Array, Array, Array, Array, Resource id #92) #2 E:WordPresswp-contentpluginsconstant-contact-formsvendorconstantcontactguzzlehttpringphpsrcClientCurlHandler.php(68): GuzzleHttpRingClientCurlHandler->_invokeAsArray(Array) #3 E:WordPresswp-contentpluginsconstant-contact-formsvendorconstantcontactguzzlehttpringph in E:WordPresswp-contentpluginsconstant-contact-formsvendorconstantcontactguzzlehttpguzzlesrcExceptionRequestException.php on line 51This seems very similar to the issue in question here:
https://wordpress.org/support/topic/constant-contact-plugin-not-compatible-with-wordpress-4-8-2-2/We attempted applying the changes to the /vendor/constantcontact/guzzlehtp/guzzle/src/utils.php file outlined in the post below with no effect.
https://wordpress.org/support/topic/fatal-error-when-using-php-7-1/#post-9358631Our instance of WordPress is running on Server 2016 with IIS Version 10.xxx and PHP version 5.6.Hoping you fine folks can help us out, thanks in advance.- This topic was modified 1 year ago by jeffbanks. Reason: Didnt see the KB article, will re-post if issue isn't resolved
There are several ways this issue has been resolved previously: A. Ensure the root cert is added to git.exe's certificate store as discussed here. Tell Git where to find the CA bundle by running. Unable to resolve “unable to get local issuer certificate” using git on Linux with self-signed certificate, in importing dependencies go get -u -v (Go) When importing some project or dependency in Go, via github and there are problems with SSL, like this case: go get -u -v gopkg.in/goyy/goyy.v0.
- The topic ‘cURL error 60: SSL certificate problem: unable to get local issuer certificate’ is closed to new replies.
One of the most common issue with TFS/GIT users come across is the issue caused by self-signed certificates or the corporate certificates.
Error: SSL certificate problem: unable to get local issuer certificate
Error: SSL certificate problem: unable to get local issuer certificate
This Applied to:
TFS 2015 update 3
Git 2.10.0
Android studio 2.1.2
Java 1.7.45
TFS 2015 update 3
Git 2.10.0
Android studio 2.1.2
Java 1.7.45
We used Android studio and VSTS/TFS plugin to clone a GIT repository, we faced issues in retrieving the local issuer certificate. These are certificates that have not been signed by a known trusted certificate authority. The problem is that GIT/JAVA will not accept this certificate automatically. We need to force GIT/JAVA to accept the self-signed certificates.
Let’s now consider how to go about with the resolution,
Initially, we faced issues with TFS authentication,
Unable to authenticate to TFS 'https://server:8080/tfs'. verify access to the server URL and try 'Connect...' again.
Very often this error can be interpreted to be the result of self-signed certificate. If the certificate in use is Self-signed or any other certificate that is private to the internal network. Java doesn’t trust such certificates and for which, we can import the cert into the trust store and make it to work.
The link explains how the certificate import works in a Linux machine (which is also applicable for Windows).
the “keytool” is under “<JAVA_HOME>binkeytool.exe”, and
the “cacerts” trust store is under “<JAVA_HOME>jrelibsecuritycacerts”.
<JAVA_HOME> should be the jre/jdk installation used by IntelliJ.
This should have resolved the above TFS connectivity failure.
Note:
If you are using self-signed certificate, you may not be able to connect to TFS from the plugin
Error message: Caused by: javax.net.ssl.SSLPeerUnverifiedException: Host name 'server' does not match the certificate subject provided by the peer (CN=server.corp.fabricam.com)
Providing the complete FQDN(https://server.corp.fabricam.com/tfs) instead of the server or the machine name (https://server/tfs) is mandatory as the canonical name is set to map to the FQDN.
After getting past the connectivity issue, there are instances in which we get error like the one below:
SSL certificate problem: unable to get local issuer certificate
In the android logs,
#git4idea.commands.GitHandler - fatal: unable to access 'https://server/tfs/DefaultCollection/_git/gitRepo/': SSL certificate problem: unable to get local issuer certificate
Exception : javax.ws.rs.ProcessingException: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at org.glassfish.jersey.apache.connector.ApacheConnector.apply(ApacheConnector.java:498)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:655)
at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:652)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:652)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:387)
at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:291)
at com.microsoft.alm.plugin.context.rest.VstsHttpClient.sendRequest(VstsHttpClient.java:30)
at com.microsoft.alm.plugin.context.ServerContextManager.checkTfsVersionAndConnection(ServerContextManager.java:257)
atcom.microsoft.alm.plugin.context.ServerContextManager.validateServerConnection(ServerContextManager.java:206) at com.microsoft.alm.plugin.context.ServerContextManager.validateServerConnection(ServerContextManager.java:171)
at com.microsoft.alm.plugin.idea.common.services.CredentialsPromptImpl.validateCredentials(CredentialsPromptImpl.java:68)
atcom.microsoft.alm.plugin.authentication.TfsAuthenticationProvider$TfsAuthenticator.run(TfsAuthenticationProvider.java:100)
at org.glassfish.jersey.client.ClientRuntime.invoke(ClientRuntime.java:225)
at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:655)
at org.glassfish.jersey.client.JerseyInvocation$1.call(JerseyInvocation.java:652)
at org.glassfish.jersey.internal.Errors.process(Errors.java:315)
at org.glassfish.jersey.internal.Errors.process(Errors.java:297)
at org.glassfish.jersey.internal.Errors.process(Errors.java:228)
at org.glassfish.jersey.process.internal.RequestScope.runInScope(RequestScope.java:423)
at org.glassfish.jersey.client.JerseyInvocation.invoke(JerseyInvocation.java:652)
at org.glassfish.jersey.client.JerseyInvocation$Builder.method(JerseyInvocation.java:387)
at org.glassfish.jersey.client.JerseyInvocation$Builder.get(JerseyInvocation.java:291)
at com.microsoft.alm.plugin.context.rest.VstsHttpClient.sendRequest(VstsHttpClient.java:30)
at com.microsoft.alm.plugin.context.ServerContextManager.checkTfsVersionAndConnection(ServerContextManager.java:257)
atcom.microsoft.alm.plugin.context.ServerContextManager.validateServerConnection(ServerContextManager.java:206) at com.microsoft.alm.plugin.context.ServerContextManager.validateServerConnection(ServerContextManager.java:171)
at com.microsoft.alm.plugin.idea.common.services.CredentialsPromptImpl.validateCredentials(CredentialsPromptImpl.java:68)
atcom.microsoft.alm.plugin.authentication.TfsAuthenticationProvider$TfsAuthenticator.run(TfsAuthenticationProvider.java:100)
There are 2 methods of dealing with this issue.
1.Disable SSL verification using below command,
git config --global http.sslVerify false
NOTE:
If you disable SSL certificates verification, then you are susceptible to Man in middle attacks.
If you disable SSL certificates verification, then you are susceptible to Man in middle attacks.
2.The preferred method is import certificate authority (CA) to trusted certificate authority store.
If we can verify that disabling SSL verification works, then this article may help:
If we can verify that disabling SSL verification works, then this article may help:
But, in case if the article doesn’t help,
Try exporting the certificate in all the levels again, following the instructions on the blog.
Try exporting the certificate in all the levels again, following the instructions on the blog.
Test certificates with curl.exe, to check if the SSL handshake is successful.
'c:Program FilesGitmingw64bincurl.exe' -v https://server-name -cacert c:pathtocertfile.cer
Now, import the certificate into the Git.exe cert store as we did before (also from blog). After importing the certificate, GIT clone’s files from the master branch.
For the complete encryption and the decryption, import the certificate into the Java cert store for Android Studio.
JRE that is now packaged with Android Studio 2.2. You can find it at the root of the Android Studio folder. “C:program filesAndroidAndroid Studiojre”
Hope this helps!
Content: Ramandeep Singh
Review: Romit Gulati
Review: Romit Gulati