I had the same problem today.
Curl comes with an outdated file to authenticate HTTPS certificates from.
get the new one from:
http://curl.haxx.se/ca/cacert.pem
save it into some dir on your site
and add
curl_setopt ($curl_ch, CURLOPT_CAINFO, dirname(__FILE__)."/cacert.pem");
To every request 🙂
IGNORE any dumbass comments about disabling CURLOPT_VERIFYPEER and CURLOPT_VERIFYHOST!! That leaves your code vulnerable to man in the middle attacks!
December 2016 edit:
Solve this properly by using Jasen’s method mentioned below.
add curl.cainfo=/etc/ssl/certs/ca-certificates.crt
to you php.ini
October 2017 edit:
There is now a composer package that helps you manage the ca certificates, so that you’re not vulnerable if your cacert.pem becomes outdated due to revoking certificates.
https://github.com/paragonie/certainty -> composer require paragonie/certainty:dev-master