I’ve spent countless hours over the past few days trying to resolve the following error message: Error sending SMS: SSL certificate problem: self signed certificate in certificate chain. Microsoft Edge browser, Firefox and Chrome all show that the website is using a valid SSL certificate but, alas, some WordPress plugins just don’t like the valid certificate!
What causes the WordPress ‘self signed certificate’ error
Until I installed WordPress version 4.4. on a WooCommerce WordPress website, I was able to use the Twilio SMS integration with no problems; someone placed an order and they received an SMS. Since the upgrade the integration between WordPress and Twilio wasn’t working and sending a test message resulted in the SSL certificate problem as described above.
To make a very long (and tedious) story short, WordPress has ‘updated’ a certain file that is shipped with the WordPress software. For whatever reason, lots of people seem to be getting the self signed certificate in certificate chain error with various plugins due to the new WordPress file.
Instructions to fix the WordPress SSL certificate problem
I really don’t like to mess around with security files (and furthermore core WordPress files) so I recommend only applying this fix if you are getting the SSL error message. I don’t foresee however there being any security vulnerabilities with the steps below but I’m no security expert.
Here are the steps to replace the new file (shipped with WordPress 4.4) with the file from WordPress 4.3.1. which will have you up and running again.
- In your cPanel file manager or an FTP client (such as Filezilla) connect to your host server.
- Navigate to /wp-includes/certificates in your FTP client or server File Manager.
- Rename ca-bundle.crt to ca-bundle.crt-old.
- Download and extract WordPress version 4.3.1 (the zip file is usually best to download).
- In the extracted WordPress 4.3.1 files, navigate to /wp-includes/certificates and copy ca-bundle.crt to the /wp-includes/certificates directory on your server.
You should no longer receive the certificate chain error message. Please be aware that any WordPress update will overwrite the changes you’ve made above (so you’ll need to replace .crt file again if you get the SSL errors again).
Good luck and let me know in the comments below how you get along.
Gustavo Olivares says
November 18, 2016 at 12:26 amThank you very much. It’s very annoying the problem with Edge. Your solution works perfectly for my webpage.
JR says
November 4, 2018 at 12:31 amThanks for this solution. The certificates folder was missing in my version. Just added the new folder and added the ca-bundle.crt file.