Reputation: 2712
"unable to get local issuer certificate" when trying to access Microsoft Graph
I want to configure my Symfony4 application to read and send e-mails using the msgraph-sdk-php library.
My first experience was this piece of code:
$guzzle = new \GuzzleHttp\Client();
$url = 'https://login.microsoftonline.com/' . $tenantId . '/oauth2/token?api-version=1.0';
$token = json_decode($guzzle->post($url, [
'form_params' => [
'client_id' => $clientId,
'client_secret' => $clientSecret,
'resource' => 'https://graph.microsoft.com/',
'grant_type' => 'client_credentials',
],
'verify' => false
])->getBody()->getContents());
$accessToken = $token->access_token;
$graph = new Graph();
$graph->setAccessToken($accessToken);
try {
$user = $graph->createRequest("GET", "/me")
->setReturnType(User::class)
->execute();
} catch (GraphException $e) {
$user=(object) ['getGivenName'=>$e->getMessage()];
}
return "Hello, I am $user->getGivenName() ";
But then Symfony shows me an exception page with this message:
cURL error 60: SSL certificate problem: unable to get local issuer certificate
What should I do to overcome this?
Upvotes: 2
Views: 2712
Answers (1)
Reputation: 27295
On Windows systems cURL can't access the CA-Certs sometimes. So you have to download the CA-Files and add them to Curl. You can download the certificate here:
http://curl.haxx.se/docs/caextract.html
curl_setopt($ch, CURLOPT_CAINFO, __DIR__ . "/certs/cacert.pem");
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
So to fix the problem temporary you can disable the Peer verification but you should do that only for testing.
$client->setDefaultOption('verify', false);
Then it should be possible to connect. To add the certificate you can to the following but then you have to download the certificate first.
$client = new \GuzzleHttp\Client();
$client->setDefaultOption('verify', 'curl-ca-bundle.crt');
Or last solution ad the ca file to your php.ini (The file from curl.haxx.se):
curl.cainfo = "[pathtothisfile]\cacert.pem"
Upvotes: 1
Related Questions
- Microsoft graph return "access token is empty"
- Authorization_IdentityNotFound Error while accessing graph API
- Graph API is removing certificates from my Enterprise Application in AzureAD
- Problem with Azure AD authentication - Bearer token returns only app information
- SSL errors on graph.windows.net
- Obtaining a valid access token for Microsoft Graph API
- Error AADSTS700027 in PowerShell script using certificate to access Microsoft Graph API
- Microsoft Graph - WithCertificate - fails with "The provided certificate has a key that is not accessable."
- "Insufficient privileges to complete the operation" when trying to connect to Microsoft Graph
- Azure Graph API: Unable to find valid certification path to requested target on REST call