While executing composer install/update I have got the following error from openssl:

The "https://packagist.org/packages.json" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed Failed to enable crypto failed to open stream: operation failed https://packagist.org could not be fully loaded, package information was loaded from the local cache and may be out of date

I am using:

1. PHP 5.6.3 (cli) (built: Nov 17 2014 15:16:53)
2. XAMPP stack 5.6.3-0
3. ubuntu 14.04

composer diag shows:

Checking composer.json: OK
Checking platform settings: OK
Checking git settings: OK
Checking http connectivity: FAIL
[Composer\Downloader\TransportException] The "https://packagist.org/packages.json"  file  could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed
Checking disk free space: OK
Checking composer version: 

[Composer\Downloader\TransportException]
The "https://getcomposer.org/version" file could not be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Failed to enable crypto
failed to open stream: operation failed

php -r 'var_dump(openssl_get_cert_locations());' shows:

array(8) {
["default_cert_file"]=>
string(33) "/opt/lampp/share/openssl/cert.pem"
["default_cert_file_env"]=>
string(13) "SSL_CERT_FILE"
["default_cert_dir"]=>
string(30) "/opt/lampp/share/openssl/certs"
["default_cert_dir_env"]=>
string(12) "SSL_CERT_DIR"
["default_private_dir"]=>
string(32) "/opt/lampp/share/openssl/private"
["default_default_cert_area"]=>
string(24) "/opt/lampp/share/openssl"
["ini_cafile"]=>
string(0) ""
["ini_capath"]=>
string(0) ""
}

For php 5.5.19 everything is Ok.

I found a solution to this

I'm running:
FreeBSD 10.1
Apache2.4
PHP 5.6.3

To find the CA file I ran this command

> locate cacert.pem

Result was:
/usr/local/lib/perl5/site_perl/5.16/Mozilla/CA/cacert.pem

Then open the php.ini file and
change this:

;openssl.cafile=

To this:

openssl.cafile=/usr/local/lib/perl5/site_perl/5.16/Mozilla/CA/cacert.pem

Note: This directive is only available on php 5.6.x

Then restart Apache

I solved the problem with the SSL error by adding the SSL certificate to the XAMPP certificates folder.

// navigate to a directory to save the certificate
cd /Downloads

// download a certificate
wget http://curl.haxx.se/ca/cacert.pem

// rename and move the file to the Xampp certificates folder
mv cacert.pem /Applications/XAMPP/xamppfiles/share/openssl/cert.pem

Don't forget to restart your apache!

I am using Mac OS Sierra and when I was trying to update the composer using the command /usr/local/bin/composer self-update I kept getting the error:

[Composer\Downloader\TransportException]                                                          
  The "https://getcomposer.org/version" file could not be downloaded: SSL operation failed with co  
  de 1. OpenSSL Error messages:                                                                     
  error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed                 
  Failed to enable crypto                                                                           
  failed to open stream: operation failed  

I fixed it following these steps:

1) Create the local database using the command:

sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.locate.plist

2) Locate the cert file:

locate cacert.pem 

3) Check the location of the php.ini file:

php --ini

4) If the 'Loaded Configuration File' for php.ini file is showing as (none), copy the file /etc/php.ini.default to /etc/php.ini:

sudo cp /etc/php.ini.default /etc/php.ini

5) Open the php.ini file and edit the ;openssl.cafile= line by uncommenting it and appending the link to the cert file location:

openssl.cafile=/Users/me/.composer/cacert.pem

Thats it. Now, when you run the composer update, it will work fine.

Adding openssl.cafile to php.ini worked for me too. Instead of looking for the cert file, I downloaded it directly:

curl http://curl.haxx.se/ca/cacert.pem > cacert.pem

and then just pointed openssl.cafile setting to it.

On the mac with XAMPP:

cd /Applications/XAMPP/xamppfiles/share/openssl

sudo curl -O -k http://curl.haxx.se/ca/cacert.pem

sudo mv cacert.pem cert.pem

Stop and Restart Apache

I ran into the same exact issue on Windows even after adding valid latest certificate downloaded. I'm running composer behind proxy, So i've to add environment variables http_proxy and https_proxy.

My environment: PHP 5.6.33 Windows 7 64 bit Composer version 1.6.3 2018-01-31 16:28:17

I downloaded latest certificates CA Bundle and updated following paths in my php.ini still didn't work.

curl.cainfo = C:\Certificates\ca-bundle.crt
openssl.cafile= C:\Certificates\ca-bundle.crt
openssl.capath=C:\Certificates

Then did following steps

1) Open chrome browser and navigate https://packagist.org/

2) Click on the little Secure Lock icon

3) Click on Certificates Valid

4)Open Certificate Path tab and you will see the following path levels

5) Need to export the certificate for both 1&2 marked in the image

6) To export certificate, click on view Certificate, Got to Details Tab and click on Copy to file

7)choose BASE 64 encoding

8) click on Next and save that file to a location, Do this for No. (2) shown in setp 4

9) Open the .cer file and copy the content to the end of .crt file which you used to configure in php.ini

Then try running comport install - It's worked for me

Process should be same if you see composer throwing ssl error when accessing sites over proxy.

First: Check certificate file location which will be in default_cert_file key, you will found it in openssl_get_cert_locations() its a php openssl function. You can run it as follows:

$ php -r "print_r(openssl_get_cert_locations());"

Output in my system

    Array
    (
        [default_cert_file] => /opt/lampp/share/openssl/cert.pem
        [default_cert_file_env] => SSL_CERT_FILE
        [default_cert_dir] => /opt/lampp/share/openssl/certs
        [default_cert_dir_env] => SSL_CERT_DIR
        [default_private_dir] => /opt/lampp/share/openssl/private
        [default_default_cert_area] => /opt/lampp/share/openssl
        [ini_cafile] => 
        [ini_capath] => 
    )

Second: Download http://curl.haxx.se/ca/cacert.pem:

$ wget http://curl.haxx.se/ca/cacert.pem

Third: Copy certificate.pem file into default_cert_file location:

$ sudo mv cacert.pem /opt/lampp/share/openssl/cert.pem

** FROM https://github.com/composer/composer/issues/3346 **

For us, this issue only seemed to affect one of our private repositories. It may have had something to do with certs or a corporate firewall, but it seemed intermittent so we weren't able to confirm before we found a different fix.

Inside composer.json, we changed the repository URL from the https to the ssh variant and added the "no-api": trueoption:

"repositories": [
    {
      "type": "vcs",
      "url": "git@github.com:our-user/our-repo.git",
      "no-api": true
    }
]

With that edit, composer update/install operations were able to complete successfully.

composer clearcache

This worked for me when I get error :

https://packagist.org could not be fully loaded, package information was loaded from the local cache and may be out of date