Quote Originally Posted by one tall man View Post
Argh! I was using an old version of curltester.php and the new version from 1.5.5 shows successful test to all destinations.
But I am still getting the error. How should I investigate further?
Exactly when/where are you getting this error? (Yeah, I know it is during checkout, but I/we don't know if this is when using the Express checkout, or whether it is when a user is logged in and steps through the checkout pages to the final click, which gives the PayPal popup).

Furthermore, the thread that you have jumped into here is referring to the error message that would only be found in the log files, so are the log files that "show the same error" newly created ones or are you possible looking at old files?

The thing is, I've just been to your store, added a product to the cart, tried the express checkout and was taken to the PayPal site as expected. I aborted the transaction at that point.

Next thing I did was create a store user account, and again, went right through the checkout process right up until the PayPal popup, at which point I again aborted.

I had no errors - BUT, I did note that your site is using a self-signed certificate, which will cause all browsers to produce a security warning, which needs the customer to accept this certificate before proceeding with the site SSL connection, but this is actually a different kettle of fish than what would cause the (60) SSL local issuer problem, which points right back to a problem with the cacert.pem file, but if that were the case, the cURL test script would almost certainly fail as well, which it isn't.

So, at this stage, I'm not seeing any problems at all, and the only step I've not done is click the PayPal buttons to finalize the transaction.

How did you test/check that you are still getting the error? Did you place an order in your own store, or are you waiting/watching for a customer to place an order? Have any customers tried placing an order since you've updated the cacert.pem?

Unless you've posted more information in another thread, you haven't really given us a great deal of information, and nothing personal, I always cringe when I read things like "I'm getting the same error" or "still getting the error" - because it isn't uncommon to find that it either isn't 'the same error' as discussed hijacked thread, or, in a case like yours (where you followed the 'fix' for the 'same error') the 'still getting the error' isn't always true , and often turns out to be a different error (IOW, the original error could have fixed, only to reveal another,, but the assumption being that it is still the same error). Putting it another way, until confirmed that it really is the 'same error' that you are currently seeing, and that the error log entries are *new* (since the cacert.pem update) we could all be running around in circles.

The other thing that I find a little unsettling is the fact that you discovered that you had originally used an older version of the curltester.php . How did that come to be? How come this file didn't get updated along with the rest of the files when the store was updated? What *other* files didn't get updated? Is it possible that the PayPal related files also didn't get updated as they should have done? Mixing files from different versions can often have unexpected results, which brings us back to the question as to whether you might have had two different issues - The now (possibly) fixed local issuer error, and now a different error relating to old paypal related files?

Sorry, but at the moment, I don't have any answers, just more questions.

Cheers
RodG