There’s an issue that suddenly started affecting websites on May 30, 2020 that breaks cURL and file_get_contents. This has to do with how cPanel handles external SSL requests, even if you have an installed (and properly working) SSL certificate.
Here are some of the errors you may see in your error_log file:
PHP Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
file_get_contents(): Failed to enable crypto
file_get_contents(https://example.com): failed to open stream
You can read more about cPanels official statement here: https://support.cpanel.net/hc/en-us/articles/360049424193-PHP-Functions-failing-due-to-invalid-SSL
Well, I applied their hotfix, and it didn’t do anything.
After messing with my sites for 6 hours, I found that the simple fix is adding a single line to your PHP.ini file.
- If you’re using WHM with cPanel, open MultiPHP INI Editor.
- Then, click editor mode.
- In a new line under [PHP], paste this line: openssl.cafile=/etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
- Click save
- Reboot your server
This is the location of my TLS CA Bundle on CentOS 7, but depending on your operating system, it may be in another directory, in which case you’d have to modify this line a bit.
For example, on some servers, this file may be here:
I hope this helps somebody. I told my host about it and they said several other customers were having the same issue and they were grateful that I shared this information as they had no clue how to fix it.