Solution for cURL error 60: SSL certificate problem: certificate has expired

Recently, many WordPress websites have encountered the cURL error 60: SSL certificate problem: certificate has expired error, causing SSL certificate installation or some plugins to fail. This article shares the solution.This issue occurs because Let's Encrypt certificates have discontinued support for HTTP API requests, preventing websites using Let's Encrypt certificates from updating them, leading to certificate expiration warnings. Therefore, we just need to manually update the certificate.Solution 1: Manually replace the certificate:1. Downloadhttps://curl.se/ca/cacert.pemthis file; 2. Replace the content in cacert.pem into the /wp-includes/certificates/ca-bundle.crt file. Then the certificate expiration warning will no longer appear.Solution 2: Replace the certificate via code:If manual replacement seems troublesome, you can use the following code to replace it. First, copy the code below and paste it into your theme's functions file, then save.

/**
* 保存代码后访问 http://你网址/?update-wp-ca-bundle
*/
if( isset( $_GET['update-wp-ca-bundle'] ) ){

$crt_file = ABSPATH . WPINC . '/certificates/ca-bundle.crt';
$new_crt_url = 'http://curl.haxx.se/ca/cacert.pem';

if( is_writable( $crt_file ) ){
$new_str = file_get_contents( $new_crt_url );

if( $new_str && strpos( $new_str, 'Bundle of CA Root Certificates' ) ){
$up = file_put_contents( $crt_file, $new_str );

echo $up ? 'OK: ca-bundle.crt updated' : 'ERROR: can`t put data to ca-bundle.crt';
}
else {
echo 'ERROR: can\'t download curl.haxx.se/ca/cacert.pem';
}
}
else {
echo 'ERROR: ca-bundle.crt not writable';
}

exit;
}

Then visit http://your-website-url/?update-wp-ca-bundle and you'll be prompted that the update was successful.Solution 3: Replace the certificate via plugin:If the above two solutions seem troublesome, you can directly install an SSL Certificate Manager plugin in the WP Admin Dashboard to resolve it.Plugin Download Link