What causes the WordPress ‘self signed certificate’ error
Until I installed WordPress version 4.4. on a WooCommerce WordPress website, I was able to use the Twilio SMS integration with no problems; someone placed an order and they received an SMS. Since the upgrade the integration between WordPress and Twilio wasn’t working and sending a test message resulted in the SSL certificate problem as described above.
To make a very long (and tedious) story short, WordPress has ‘updated’ a certain file that is shipped with the WordPress software. For whatever reason, lots of people seem to be getting the self signed certificate in certificate chain error with various plugins due to the new WordPress file.
Instructions to fix the WordPress SSL certificate problem
I really don’t like to mess around with security files (and furthermore core WordPress files) so I recommend only applying this fix if you are getting the SSL error message. I don’t foresee however there being any security vulnerabilities with the steps below but I’m no security expert.
Here are the steps to replace the new file (shipped with WordPress 4.4) with the file from WordPress 4.3.1. which will have you up and running again.
- In your cPanel file manager or an FTP client (such as Filezilla) connect to your host server.
- Navigate to /wp-includes/certificates in your FTP client or server File Manager.
- Rename ca-bundle.crt to ca-bundle.crt-old.
- Download and extract WordPress version 4.3.1 (the zip file is usually best to download).
- In the extracted WordPress 4.3.1 files, navigate to /wp-includes/certificates and copy ca-bundle.crt to the /wp-includes/certificates directory on your server.
You should no longer receive the certificate chain error message. Please be aware that any WordPress update will overwrite the changes you’ve made above (so you’ll need to replace .crt file again if you get the SSL errors again).
Good luck and let me know in the comments below how you get along.