Using Tickers, Forecast, Twitter and other external resources that make use of HTTPS connections

FAQ's
1

Using Tickers, Forecast, Twitter and other external resources that make use of HTTPS connections

It is easy to reference and use external sources in Xibo widgets such as Tickers, however special consideration may need to be taken when referencing resources provided over SSL (anything with HTTPS at the front of the Address).

Symptoms

You have added a Ticker/Twitter/Forecast media item which references a feed or uses resources served over HTTPS and nothing is shown. You have checked the logs and note a message similar to:

SSL certificate problem, verify that the CA cert is OK

or

Unable to reach Forecast API. No Host Found (HTTP Code 0). Curl Error = SSL certificate problem: unable to get local issuer certificate

The message originates from something called curl.

Explanation

curl is a PHP extension which allows the CMS to download resources from external sources like the Internet or a Local Network.

Any time Xibo uses curl it makes sure that it “Verifies the Peer”. In basic terms this means it checks to ensure whomever supplies the data is who they say they are.

Xibo does this because if something is served over HTTPS then it is reasonable to assume the returned information is sensitive and that it should be protected and verified.

The certificate problem error occurs because curl uses a bundle of “CA root certificates” to perform the verification and these certificates are missing on some installations. For example, these certificates are almost always missing on Windows Installations.

Resolution Windows Servers

The web server that hosts the CMS needs to be updated with the latest CA root certificates. This may sound complicated, but is actually very easy.

  1. Download the latest CA root certificate from the curl website and save it to your server drive as, for example, c:\php\cacert.pem.
  2. Edit the php.ini file for your PHP installation to tell curl where the root certificate is located. You will be adding a line that looks like curl.cainfo=c:\php\cacert.pem. If a similar line already exists, edit it to point to the correct location and ensure that it isn’t commented out. If the line doesn’t already exist, simply add a new line to the end of the file.
  3. Restart the web server.

If these steps still produce the same error, then the certificate signing the resource you have requested in invalid and you actually want the error to be thrown to protect your data.

Resolution Linux Servers

On most Linux distributions, it should be sufficient to install the ca-certificates package provided by your distribution and then restart your web server.

Further Reading

There are some excellent sources of further reading:

3 Likes
Ticker doesn't show xibo 1.7.3
Forecast IO behind proxy
Unable to reach Forecast API. No Host Found (HTTP Code 0). Curl Error = SSL certificate problem: unable to get local issuer certificate
Twitter Module Error
RSS and Clock module does not appear in windows client
Forecast IO does not appear
Xibo Modules - Reset to Default or uninstall/reinstall?
configuraciĂłn twitter
Forecast.io does not work with 1.7.7
Twitter Feed not showing in Client player
Problem with ticker module (Rss)
Weather not displaying
How to return a user's tweets?
Twitter v 1.7.4
Install on Windows Server 2012 R2
Default Layout fails?
cURL on EasyPHP Devserver 16.1
Didn't show some data Twitter API
Module twitter - images
Unable to reach Forecast API
Finance Module on Windows CMS Help Please?
Internet access issue with forecastio
Cannot get anything to show up in ticker - cms Version 1.7.6 client Version 1.7.6
Weather Module not working
Twitter widget needs configuration
Xibo CMS Post-Installation Setup Guide - 1.7 Series
iCAl not working
Twitter SSL Certificate Problem
HTTPS RSS Feeds doesent work
Twitter Feed Setup
Problems with CMS to XMR and Player not showing online content
Ticker Wigget, Webpage, Weather, are not displayed
Player does not display weather forecast, internet is ok
Unable to get RSS and Weather Widget to work
Problems to show rss 2.0
RSS Ticker wont work
RSS doesn't work when connecting to https://
Unable to retrieve external data
Xibo weather module issues
Small problem with RSS Ticker and stock module
RSS Feed - unable to get feed: cURL error 28
Weather Not Updating In Docker
What about ssl?
Twitter Error Module
cURL error 7 port 443 Operation timed out
Weather Module - just see a blank page - no weather informations
Weather widget doesn't work
Issues with weather (curl error 60) self signed cert
HTTPS Content (feeds and more) dosen't working in CMS 3.0
No Weather showing with Forecast IO
Client Not Updating
Forecast IO does not appear
RSS feed with SSL
Unable to display HTTPS with ssl webside
Forecast IO not working after upgrade from 1.7.1 to 1.7.4
Trouble displaying the ticker
cURL is used to fetch data from the Internet or Local Network and is required
RSS Feed is not updating client is 1.7.2 and cms is 1.7.3
Unable to connect to remote server
Weather IO Security?
Twitter module displays no tweets
Regions not displaying (static images are)
cURL is used to fetch data from the Internet or Local Network and is required.?