Certificate issue when running Composer commands

Issue

Occasionally, when running composer commands you may see an error thrown about a certificate verification failure. This commonly occurs if there are any custom repository definitions under your sites composer.json file. The error itself may look similar to the following:

error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed
  Failed to enable crypto
  failed to open stream: operation failed

Resolution

To solve this issue, you need to locate your local catfile and then configure composer to use that file. Firstly in order to find where your local catfile is, you should run the following command:

php -r 'var_dump(openssl_get_cert_locations());'

This command will generate an array with the location of various SSL certification files, the one we're concerned with is the "cert.pem" file. Once you've found the path to "cert.pem" you should copy the location and use it with the composer config command:

composer config --global cafile '<location of cafile>'

Example:

composer config --global cafile '/usr/local/etc/openssl/cert.pem'

Cause

There are various reasons why this problem may have occurred but it's likely that a local change to either composer or your OS would have altered the configuration. Another potential reason is local antivirus software which can intercept SMTP traffic and therefore falsely report problems with valid package downloads.