We received reports from users who are getting the errors below:
- Memberium cannot connect to CRM: “Invalid API Key (328): ERROR: 8 – cURL error: SSL certificate problem: certificate has expired”
- Memberium License not picking Up: “Loading Remote Page Content Failed: cURL error 60: SSL certificate problem: certificate has expired”
There was an SSL change announced last May which took effect September 30th. Most likely your server has not been updated, and that is what is causing this issue.
“On September 30, 2021, there will be a small change in how older browsers and devices trust Let’s Encrypt certificates. If you run a typical website, you won’t notice a difference – the vast majority of your visitors will still accept your Let’s Encrypt certificate.” – LetEncrypt
Here’s the bulletin on the SSL issue from May 7, 2021
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
How to resolve the problem for “Loading Remote Page Content Failed: CURL error 60: SSL certificate problem: certificate has expired”
There was an SSL change announced last May which took effect September 30th. Most likely your server has not been updated, and that is what is causing this issue.
Here’s a link to the notice:
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/
Option 1:
You need to reach out to your hosting provider and let them know that your server needs to make SSL connections to other servers and that you need your OpenSSL certificate trust list updated.
Your website’s plugins need to make API calls to other websites using the Let’s Encrypt SSL certificates. The root certs for Let’s Encrypt changed on September 30.
Your website’s OpenSSL root cert trust list is out of date, and has the old root certs in it, and cannot very/connect over SSL API’s to other servers using Let’s Encrypt SSL certs.
Your website team needs to update their OpenSSL certificate root bundles, and possibly reboot the server for it to be fixed.
Once that’s done, your server may need a reboot. This is NOT related to your site’s SSL certificate.
You can send this to your hosting provider:
Hello,
It appears my web server can’t make SSL API connections to other servers, and it appears you’ll need to update OpenSSL certificate trust list on my web server or my website to make that work.Please note this is NOT related to my SSL certificate.
This is the error I am seeing:
“cURL error 60: SSL certificate problem: certificate has expired”Again, this is not related to my SSL certificate, but with OpenSSL certificate trust list on the web server my website is on.
Here’s the bulletin from last May from Let’s Encrypt about the SSL updates:
https://letsencrypt.org/docs/dst-root-ca-x3-expiration-september-2021/Also, here’s an article which should help you fix this even faster:
https://wp-kama.com/note/error-making-request-wordpressThanks,
How to resolve the problem for “Invalid API Key (328): ERROR: 8 – CURL error: SSL certificate problem: certificate has expired”
Option 1:
You need to reach out to your WebHost and let them know that your server needs to make SSL connections to other servers and that you need your OpenSSL certificate trust list updated.
Once that’s done, your server may need a reboot. This is NOT related to your site’s SSL certificate.
Option 2 (For Keap/Infusionsoft):
Use OAuth API Connection instead of using the Legacy API.
In order for you to enable OAuth API, you can navigate to Memberium => Settings => Performance tab and in there enable the “Beta OAuth API” option.
In order to be able to enable this option, you need to make sure a standalone i2SDK plugin is not used (you can verify this under the Plugins section and making sure there’s no i2SDK plugin). If you are using i2SDK, then we recommend disabling Memberium, then removing i2SDK, and then activating Memberium again.
Note: i2sdk is no longer required for Memberium since it is already built-in with Memberium. You can safely deactivate and delete this plugin if your Memberium is v2.182 and above.
After that is enabled, you’ll navigate to Memberium => Keap Connections section and connect to your Keap app.
How to resolve ActiveCampaign Webhooks Not Working
(As related to this issue)
We’ve contacted ActiveCampaign support and they’ve confirmed their servers will need to update the certificate trust (similar to what your webhost needed to do as mentioned above). The only workaround is to move away from Let’s Encrypt SSL until ActiveCampaign can update things on their end. Other certificate providers would work and not be affected by the recent changes at Let’s Encrypt.
We’d assume they are working on this as a top priority as it is likely affecting many customers.
If you have further questions, please feel free to contact us at support@memberium.com