WordPress 4.4 Update Breaks Itself With SSL Certificate Problem: Unable To Get Local Issuer Certificate

WordPress4.4 has just been released and it is highly recommended to update. BUT it is broken on many servers. The update will go OK but it will also update the SSL certificate bundle that WordPress uses to update itself, the themes and plugins. The certificate bundle appears to be damaged or incorrect and stops any WP updates

You will get a message saying http_request_failed: “SSL certificate problem: unable to get local issuer certificate” whenever you try to do anything involving WordPress updates, updating or installing themes or plugins or using Jetpack features like stats or sharing etc.

You can also get this error with many other plugins that use SSL to communicate for functionality like sending emails or even posting to twitter or Facebook etc. . Mailchimp is one that comes to mind

The error screen will look something like this. It doesn’t matter what plugin or theme you try to update. the error message will be similar.

I did a bit of searching and found this post on WordPress support that does fix the problem. All my WP sites gave me the SSL warning until I used the certificate bundle from that post

https://wordpress.org/support/topic/cant-update-wordpress-ssl-certificate-problem-error14090086s

Go to http://curl.haxx.se/ca/cacert.pem and save it as ca-bundle.crt

Upload this file to: wp-includes/certificates/ca-bundle.crt

Remember that any update WordPress does will overwrite this. So until WordPress fixes/updates themselves, you should manually do this yourself.

I wish WordPress could send out a hotfix of some sort now to make this update. Updated certs is very important for security and communication between sites.

http://curl.haxx.se/ca/cacert.pem is a copy of the Mozilla open source ca certificates so are perfectly safe and legitimate. if you right click the link & select save as. You can save the pem as ca-bundle.crt. Save it to a safe place on your computer, say desktop or downloads folder. Then upload to your wp-includes/certificates/ folder and overwrite the existing ca-bundle.crt It doesn’t matter what server you are running WP on, the certificates that WordPress uses will be inside the wp-includes/certificates/ folder.

Some servers will be able to bypass the WordPress included certificates and use the ones bundled inside OpenSSL or PHP/Curl when the WordPress ones fail. But for simplicity and convenience replace the WordPress ones with the ones from the link. Only WordPress will use them not any other program on your server
I had to replace the WordPress installed ca-bundle.crt on 10 sites that I manage in the last half hour after updating to WordPress 4.4 and I am not a happy bunny

WordPress fix your error & fix it NOW !!!