- The Bluehost wrong certificate error when calling Twilio API is caused by a mismatch between the SSL certificates on your server and Twilio’s.
- You can fix this error by either updating the CA bundle on your server or disabling SSL verification for cURL, depending on your preference and security needs.
If you are using Bluehost as your web hosting provider and Twilio as your communication platform, you may encounter a frustrating error when trying to make API calls from your WordPress site to Twilio. The error message may look something like this:
cURL error 60: SSL certificate problem: unable to get local issuer certificate
This error means that your server is unable to verify the SSL certificate of Twilio, and therefore cannot establish a secure connection. This can prevent you from sending or receiving SMS, voice calls, or other communications using Twilio.
In this blog post, we will explain why this error occurs and how to fix it in a few simple steps. We will also provide some FAQs and additional resources to help you troubleshoot and resolve this issue.
Table of Contents
- Why Does This Error Happen?
- How to Fix It?
- Solution 1: Update the CA Bundle on Your Server
- Solution 2: Disable SSL Verification for cURL
- Frequently Asked Questions (FAQs)
- Question: How do I know if I have this error?
- Question: How do I update the CA bundle on my server if I don’t have SSH access?
- Question: How do I disable SSL verification for cURL if I don’t use WordPress?
- Summary
Why Does This Error Happen?
The Bluehost wrong certificate error happens because of a mismatch between the SSL certificates installed on your server and the ones that Twilio uses. Twilio uses certificates issued by DigiCert, a trusted certificate authority (CA) that is recognized by most browsers and operating systems. However, Bluehost may not have the latest CA bundle installed on their servers, which means that they do not have the information needed to validate Twilio’s certificates.
This can cause a problem when you use a WordPress plugin or a PHP script that relies on cURL, a library that allows you to make HTTP requests from your server. cURL will try to verify the SSL certificate of the website you are calling, but it will fail because it does not have the correct CA bundle. This will result in the cURL error 60 that you see on your WordPress dashboard or your PHP logs.
How to Fix It?
There are two possible ways to fix the Bluehost wrong certificate error when calling Twilio API:
- Update the CA bundle on your server
- Disable SSL verification for cURL
Solution 1: Update the CA Bundle on Your Server
The first and recommended way to fix this error is to update the CA bundle on your server. This will ensure that your server has the latest information about the trusted CAs and their certificates, including DigiCert and Twilio. To do this, you will need to access your server via SSH and run some commands.
Here are the steps to update the CA bundle on your server:
- Log in to your Bluehost account and go to Advanced > SSH Access. Enable SSH access for your account and generate an SSH key pair if you haven’t done so already. Copy the public key and save it somewhere safe.
- Download an SSH client such as PuTTY or Terminal and use it to connect to your server using your username, password, and hostname. You can find these details on your Bluehost dashboard under Advanced > SSH Access.
- Once you are connected, run the following command to download the latest CA bundle from Mozilla: curl -o /etc/ssl/certs/ca-bundle.crt https://curl.se/ca/cacert.pem
This will overwrite the existing CA bundle file on your server with the new one.
- Restart your Apache server by running the following command: sudo service httpd restart
This will apply the changes and reload the SSL configuration.
- Test your API calls to Twilio again and see if the error is gone. If everything works fine, you have successfully updated the CA bundle on your server and fixed the issue.
Solution 2: Disable SSL Verification for cURL
The second way to fix this error is to disable SSL verification for cURL. This means that cURL will not check the SSL certificate of the website you are calling, and will accept any certificate as valid. This can solve the problem of the Bluehost wrong certificate error, but it also comes with some risks. By disabling SSL verification, you are exposing yourself to potential man-in-the-middle attacks, where someone can intercept and modify your HTTP requests or responses without your knowledge. Therefore, this method should only be used as a temporary workaround or a last resort.
Here are the steps to disable SSL verification for cURL:
- Log in to your WordPress dashboard and go to Plugins > Add New. Search for “SSL Insecure Content Fixer” and install and activate it.
- Go to Settings > SSL Insecure Content and select “Capture All” under HTTPS detection.
- Scroll down to “cURL Options” and check the box that says “Disable peer verification”. This will tell cURL not to verify the SSL certificate of the website you are calling.
- Save your changes and test your API calls to Twilio again. If they work without errors, you have successfully disabled SSL verification for cURL.
Frequently Asked Questions (FAQs)
Here are some frequently asked questions about the Bluehost wrong certificate error when calling Twilio API:
Question: How do I know if I have this error?
Answer: You can check if you have this error by looking at your WordPress dashboard or your PHP logs. If you see a message that says “cURL error 60: SSL certificate problem: unable to get local issuer certificate”, then you have this error.
Question: How do I update the CA bundle on my server if I don’t have SSH access?
Answer: If you don’t have SSH access to your server, you can contact Bluehost support and ask them to update the CA bundle for you. Alternatively, you can use a plugin such as WP File Manager to upload the CA bundle file to your server via FTP.
Question: How do I disable SSL verification for cURL if I don’t use WordPress?
Answer: If you don’t use WordPress, you can disable SSL verification for cURL by adding the following line to your PHP script that makes the API calls: curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
This will tell cURL not to verify the SSL certificate of the website you are calling. However, this is not recommended for security reasons.
Summary
The Bluehost wrong certificate error when calling Twilio API is a common issue that occurs when your server does not have the latest CA bundle installed and cannot verify Twilio’s SSL certificate. This can prevent you from making or receiving communications using Twilio from your WordPress site.
To fix this error, you can either update the CA bundle on your server or disable SSL verification for cURL. The former is the preferred and safer method, while the latter is a quick and risky workaround. Either way, you should be able to resolve this error and enjoy the benefits of Twilio’s communication platform.
Disclaimer: This blog post is for informational purposes only and does not constitute professional advice. We are not affiliated with Bluehost or Twilio and do not endorse their products or services. We are not responsible for any damages or losses that may result from following the instructions in this blog post. Always consult with your web hosting provider and communication platform provider before making any changes to your server or website configuration.