How to Fix cURL Error 60 in WordPress: SSL Certificate Problem (3 Fixes)

jiuyi
Administrator
237
Posts
0
Fans
Support & TroubleshootingComments6Characters 894Views2min58sRead
If you’re stuck on a WordPress plugin installation failure, the root cause is almost always an SSL certificate issue in your local development environment. This guide walks you through three proven methods to resolve the problem completely.
Many WordPress developers and site owners — especially those running local stacks like phpStudy or the XiaoPi Panel — have run into this exact issue: you click to install a plugin, only to be met with a red error notice stating the installation has failed.

The full error typically reads:

Installation failed: Download failed. cURL error 60: SSL certificate problem: unable to get local issuer certificate

Put simply, your local server cannot complete the SSL handshake when connecting to the official WordPress plugin repository, which blocks the download and causes the installation to fail.
You don’t need to dig into complex server configurations to fix this. Below are three practical solutions — ranging from quick temporary workarounds to a permanent, secure fix — to eliminate the error completely.

Method 1: Quick Code Snippet (Fast Temporary Fix)

This method requires zero server administration knowledge. By adding a short code snippet to your theme file, you can force WordPress to skip SSL verification during plugin downloads and bypass the cURL error 60 immediately.

Step-by-Step Guide

  1. Log into your WordPress dashboard and go to Appearance > Theme File Editor.
  2. From the file list on the right, select Theme Functions (functions.php).
  3. Scroll to the very end of the file and paste the code below. If the file ends with a ?> tag, paste the code before it.
add_filter('https_ssl_verify', '__return_false');
add_filter('http_request_args', 'fix_ssl_verification_by_code', 10, 2);
function fix_ssl_verification_by_code($args, $url) {
    $args['sslverify'] = false;
    return $args;
}
  1. Click Update File to save your changes.
  2. Return to the plugin installation screen and try again — the download and installation should now complete normally.
⚠️ Security Warning
This approach disables SSL certificate validation for outgoing connections and reduces your site’s security level. Use it exclusively in local development environments, and delete the code snippet immediately after you finish installing plugins.

Method 2: Manual Plugin Upload (Reliable Code-Free Solution)

If you’d rather not edit any code, or if you also regularly hit connection timeout errors alongside SSL issues, manual upload is the simplest and most dependable workaround.
Because you upload the plugin archive directly from your local device, this method entirely skips server-to-server communication between your environment and the WordPress repository — so SSL certificate errors never come into play.

Step-by-Step Guide

  1. Download the plugin ZIP file

    Open the official WordPress Plugin Directory in your browser, search for the plugin you need, and click the Download button to save the .zip archive to your computer.

  2. Upload and install the plugin

    In your WordPress dashboard, go to Plugins > Add New.

  3. Click the Upload Plugin button near the top of the page.
  4. Click Choose File, select the .zip archive you downloaded, then click Install Now.
  5. When the installation finishes, click Activate to enable the plugin.

Method 3: Replace cURL CA Certificate Bundle (Permanent, Secure Fix)

This is the standard, security-compliant solution that addresses the root cause of the error. The cURL error 60 occurs because your local PHP environment ships with an outdated or missing set of trusted root CA certificates. By installing the official cacert.pem bundle and configuring PHP to reference it, you permanently fix SSL verification for all WordPress and PHP operations, with no workarounds needed.

Step-by-Step Guide

  1. Download the official CA certificate bundle

    Download the latest cacert.pem file from the official cURL website — this is the same trusted root certificate set maintained by Mozilla. Save the file to a fixed directory on your local server (for example, C:\php\extras\ssl\cacert.pem on Windows).

  2. Locate your active php.ini configuration file

    In your local PHP environment (phpStudy, XiaoPi Panel, XAMPP, WAMP or similar), open the currently active php.ini file. You can confirm the exact file path via a PHP info page or your control panel’s PHP settings.

  3. Configure PHP to use the certificate file

    Search for the curl.cainfo directive in php.ini. Uncomment the line by removing the leading semicolon ;, then set its value to the full absolute path of your cacert.pem file:

    curl.cainfo = "C:\php\extras\ssl\cacert.pem"
    For full compatibility across all PHP extensions, also set the openssl.cafile directive to the same path:
    openssl.cafile = "C:\php\extras\ssl\cacert.pem"

  4. Restart your web server

    Save the php.ini file, then restart your Apache/Nginx and PHP services through your local control panel. The certificate configuration will take effect after the restart.

  5. Return to WordPress and retry plugin installation. SSL verification will now pass normally, and the error will be permanently resolved.
💡 Note
This is the recommended long-term solution for local development environments. It preserves full SSL security validation and fixes the issue for all PHP/cURL requests, not just WordPress plugin downloads.

Final Notes

The cURL error 60 SSL certificate problem is a common, low-severity issue that almost exclusively affects local WordPress development environments — there’s no need to panic.
All three methods above will get your plugins installed successfully: the code snippet delivers the fastest temporary fix for quick testing, the manual upload method offers the most reliable code-free workaround, and the CA certificate replacement provides a permanent, security-preserving resolution. Pick whichever fits your workflow best.

 
jiuyi
  • by Published onJune 23, 2026
  • Please be sure to keep the original link when reposting.:https://www.wptroubleshoot.com/fix-wordpress-curl-error-60-ssl-certificate-problem/

Loading...

Comment