Roots Discourse

Impossible to update ACF (PRO) - OpenSSL Error message when installing/updating ACF pro via composer

I was going to update WordPress and the plugins on my local website, I run composer update and it disabled ACF (PRO) and the console gave me this error

[Composer\Downloader\TransportException]
  The "https://connect.advancedcustomfields.com/index.php?a=download&p=pro&k=xxxxxkeyxxxxxxx1&t=5.9.5" file could n
  ot be downloaded: SSL operation failed with code 1. OpenSSL Error messages:
  error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
  Failed to enable crypto
  failed to open stream: operation failed

I never had a problem with this website, and I was always able to update wordpress/plugins this way.

I found another person that is having the same problem and he wrote on twitter to the ACF author, and ACF replied that

"In order to fix this, you'll need to update your web server. The OpenSSL package needs to be 1.1.x. 

Your hosting should be able to help or if you manage the server you can find specific instructions by searching Google for your operating system, version and "DST Root CA". 2/2"

see > https://twitter.com/GravyRaveyDavey/status/1445070579455901701

do you know how I can update the OpenSSL package to be 1.1.x on my local website? (I think that I will need to do the same on the staging and production environments)

many thanks

Hey @mattia! It looks like you got an answer from ACF on Twitter. Are you all set or is there something else we can help with here?

@MWDelaney thanks for your reply, unfortunately I don’t understand what I should do.
as far as I know, Trellis takes care about the certificate, maybe I need to update trellis?

is there a setting (or a patch) that I can change in order to have the OpenSSL package to be 1.1.x?

I tried with another website, always on my local, I update the ACF pro version in my composer.json file, then I run composer update, it tries to download the new version but with no luck.
the problem is that before installing the new version, it removing the old version, so now I am without ACF because it can’t download ACF anymore because of this error, this means that the website is broken because without ACF doesn’t work.

as usual I update the plugins/wordpress, before on my local enviroment but this time with no luck.

I ssh into the local vagrant machine to check the openssl version, I run openssl version and I can see this (I tried on 2 websites)

as I said I tried also with another website, (it has the same problem with ACF), and when I ssh into my local test website and I run openssl version I can see this
Screenshot 2021-10-07 at 15.20.56

what can I do? could you please point me into the right direction?
any suggestion or advice would be very helpful, because I am lost.

many thanks

Screen Shot 2021-10-07 at 9.52.03 AM

You’re running composer on your native CLI. That’s where you would need to update OpenSSL, not in your VM (you’re not running composer in your VM).

thanks @alwaysblank, so basically I need to update the OpenSSL directly on my MacBook pro, is this what you said?

I don’t have a memory of installing the OpenSSL in the past on my MacBook, but maybe I am wrong.
maybe it was something that mac has by default?
I am sorry for the maybe stupid question, but I don’t know a lot about SSL, even tho I used trellis/bedrock/sage in 8 projects.

Just to give you more info, my macOS is Mojave 10.14.6 and when I run openssl version in the default iTerm window it says “LibreSSL 2.6.5”

is this can be the problem?

everything was working until June, I didn’t have any problem with this, I noticed this only today because I was going to update Wordpress and plugins on a couple of websites.

What I can try to do?
should brew install openssl do the trick or there are other commands/steps that I should consider?

many thanks for your help!

Updating libraries on your local computer is out of scope of this forum. We recommend a more generalist forum like Stack Overflow. This might get you started: