Secure PHP access between Valet Sites

skeemer • March 17, 2019


Laravel Valet has been an absolute lifesaver for me. It’s made developing locally so much easier. I can actually trust that my CORS setup will work when migrated to production.

Today I ran into the unique situation where I needed to use PHP to access another valet site. I ran into the following error messages:

Warning: file_get_contents(): SSL operation failed with code 1. OpenSSL Error messages: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed in ...

Warning: file_get_contents(): Failed to enable crypto in ...

I figured out how to fix it by following the instructions on StackOverflow and figuring out that my valet install had it’s own CA files.

cd ~/.config/valet/CA
curl --remote-name --time-cond cacert.pem
cat cacert-temp.pem LaravelValetCASelfSigned.pem > cacert-mod.pem
echo $PWD/cacert-mod.pem

Copy the file path from the last line and put that into your php.ini. For me that currently exists at /usr/local/etc/php/7.2/php.ini. If you need help finding the one valet is currently using, just make a page with <?php phpinfo(); and search for php.ini. The option in php.ini we are setting is “openssl.cafile”. Mine will be like this.


Make sure if you edit that line, you remove the comment “;” at the beginning.

Just run valet restart and you’re good to go. This ensures you are using the current CA list for normal sites rather than just turning the check off.