— SSL certificate problem: self-signed certificate in certificate chain
This is usually the case where you don’t have an up-to-date list of certificate authorities (or any list at all). To resolve the error, you need to update your php.ini file and set the curl.cainfo property.
For example, on Windows:
See this for configuring php.ini - http://www.php.net/manual/en/curl.configuration.php#ini.curl.cainfo
See this for a CA root certificate bundle download (pem file) - http://curl.haxx.se/docs/caextract.html
— SSL certificate problem, verify that the CA cert is OK.
Details: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
This error usually occurs when curl tries to connect to CommBank Simplify and the CA certificate used to sign the CommBank Simplify certificate is not trusted. To solve this issue, you can:
Either add the CA certificate to the list of trusted CA certs on your server;
Or if you use PHP curl, use curl_setopt to set the path on your server to the CA cert (as a PEM file) to verify the peer with.
Example: curl_setopt($ch, CURLOPT_CAINFO, '/path/to/cacert.pem');
See curl_setopt PHP documentation – http://php.net/manual/en/function.curl-setopt.php