cURL not working (Error #77) for SSL connections on CentOS for non-root users
If you recently reached here as I did when searching for the same error in vain you may find it to be an update to NSS causing failure on CentOS. Test by running yum update and see if you get errors, curl also creates this error. Solution is simple enough just install NSS manually.
Read on...
If you're like me it threw up an error similar to this:
curl: (77) Problem with the SSL CA cert (path? access rights?)
This took some time to solve but found that it wasn't the CA cert because by recreating them and checking all the configuration I had ruled it out. It could have been libcurl so I went in search of updates.
As mentioned I recreated CA certs. You can do this also but it may be a waste of time. http://wiki.centos.org/HowTos/Https
The next step (probably should of been my first) was to check that everything was up-to-date by simply running yum.
$ yum update
$ yum upgrade
This gave me an affirmative answer that there was a bigger problem at play:
Downloading Packages:
error: rpmts_HdrFromFdno: Header V3 RSA/SHA1 Signature, key ID c105b9de: BAD
Problem opening package nss-softokn-freebl-3.14.3–19.el6_6.x86_64.rpm
I started reading about Certificate Verification with NSS and how this new update may be related to my problems.
So yum is broken. This is because nss-softokn-* needs nss-softokn-freebl-* need each other to function. The problem is they don't check each others version for compatibility and in some cases it ends up breaking yum.
Lets go fix things:
$ wget http://mirrors.linode.com/centos/6.6/updates/x86_64/Packages/nsssoftokn-freebl-3.14.3-19.el6_6.x86_64.rpm
$ rpm -Uvh nss-softokn-freebl-3.14.3–19.el6_6.x86_64.rpm
$ yum update
You should of course download from your nearest mirror and check for the correct version / OS etc. We basically download and install the update from the rpm to fix yum. As @grumpysysadmin pointed out you can shorten the commands down. @cwgtex contributed that you should install the upgrade using the RPM command making the process even simplier.
To fix things with wordpress you need to restart your http server.
$ service httpd restart
Try again and success!
I just had a similar problem with Error#77 on CentOS7. I was missing the softlink /etc/pki/tls/certs/ca-bundle.crt that is installed with the ca-certificates RPM.
'curl' was attempting to open this path to get the Certificate Authorities. I discovered with:
strace curl https://example.com
and saw clearly that the open failed on that link.
My fix was:
yum reinstall ca-certificates
That should setup everything again. If you have private CAs for Corporate or self-signed use make sure they are in /etc/pki/ca-trust/source/anchors so that they are re-added.