PHP getimagesize(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL

Today I encountered a problem with the client application server (CentOS), and always reported an error when using getimagesize():

PHP getimagesize(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed

The preliminary judgment is that the openssl.cafile in php.ini is not set. After opening the php configuration file, it is found that it is set. The current setting value is:

openssl.cafile=/etc/pki/tls/certs/ca-bundle.crt

Later, I suspected that the certificate might have expired. I first compared the contents of the file on my own server and found that the size was inconsistent. Then I copied and pasted the content from my own server. After saving, the problem of reloading the php configuration still exists;

I remembered that a similar problem occurred on the Windows system before, and curl.cainfo was configured at that time, so I download the certificate and put it in the /usr/local/openssl/ directory, modify the configuration

[curl]
curl.cainfo = /usr/local/openssl/cacert.pem

[openssl]
openssl.cafile=/usr/local/openssl/cacert.pem

When this problem occurs on the Internet, the solutions found are all handled in this way. However, the problem of reloading the configuration after saving remains. Change the configuration back again.

Finally saw this problem on Stack Overflow

It is found that the Linux system has a command to update the local certificate. Different system commands are different. CentOS operations are as follows:

# Install ca certificate tool
yum install ca-certificates -y

# Update certificate
update-ca-trust

problem solved.