Authorizenet_aim: [curl] 60: SSL certificate problem

I am using a self-hosted v4.5.17 white-labeled version.

My clients have been getting an error message when trying to process authorize.net payments.

Authorizenet_aim: [curl] 60: SSL certificate problem: self signed certificate in certificate chain [url] https://api2.authorize.net/xml/v1/request.api

The certificate that is installed on this subdomain is valid and is issued by Let’s Encrypt SSL. I keep on being pointed to this article https://support.authorize.net/s/article/How-do-I-obtain-Authorize-Nets-SSL-Certificate-for-my-host-solution-provider but I can’t seem to find what is causing the issue…

I would appreciate any help. Thank you.

Maybe this will help

https://community.developer.authorize.net/t5/Integration-and-Testing/SSL-Certificate-Problem-Another-Authorize-net-Outage/td-p/62246

I have investigated this further and it appears to be an issue with the SDK of Authorize.NET.

The issue is discussed in the following topic:

https://github.com/AuthorizeNet/sdk-php/issues/223

As suggested by one of the users:
You can also comment out line 80 of HttpClient.php. This line is telling curl to use that specific pem's CA to validate the host in the SSL request. This is not as insecure as someone stated because when you remove this setting CURL can default to it's own CA bundle, the system store, or other trusted stores depending on how it's built. It is still less secure, but it's not completely disregarding SSL validation.

I managed to look up the line that has to be commented by it comparing from the original Authorize.NET script here:

https://github.com/AuthorizeNet/sdk-php/blob/master/lib/net/authorize/util/HttpClient.php

I disabled the line as described:
// $opts[CURLOPT_CAINFO] = DIR . '/Resources/cacert.pem';

and now the Checkout process is working as expected and the original issue is no longer present.

Glad to hear it’s working, thanks for sharing the fix!