How to disable SSL check with Laravel http post
Stefan Izdrail
Founder & Senior Architect · 2026-06-29
In this blog post, we will discuss how to handle a common issue that arises when making HTTP requests from your local development environment in Laravel without SSL enabled. Typically, you encounter an error stating "SSL certificate problem" while working with payment gateways or APIs that require SSL connections. In this section, we'll dive into the context and provide a few solutions to bypass this issue.
The Problem: When running your Laravel application on your local machine without an SSL certificate, you might face difficulties in making HTTP requests using cURL or other PHP libraries. Since your PC doesn't have the required certificates, it might not trust the remote server, resulting in an error related to invalid SSL certificates.
The Solutions:
1. Disable Verification: You can add the following option in your HTTP request: ```php $response = Http::post($url, $fields)::withOptions(["verify" => false]); ``` This will bypass the SSL certificate check for that specific request. However, this is not considered a secure practice and should be used only in development environments. 2. Create a Test Server: As an alternative, you can create a test server on your Laravel application to enable SSL connections during development. To achieve this, follow these steps: - Create a dedicated environment for testing purposes (e.g., TEST_ENV or DEV_ENV). - Activate the SSL certificate on that specific environment by either purchasing one from a trusted provider or generating a self-signed certificate using tools like OpenSSL. - Configure your PHP code to use this new environment when making HTTP requests: ```php $paystack_key = \config("app.paystack_key"); if (env('APP_ENV') === 'TEST_ENV' || env('APP_ENV') === 'DEV_ENV') { $url = "https://api.paystack.co/transaction/initialize"; } else { $url = "http://localhost:8080/payment-gateway/transaction/initialize"; } ``` This approach offers more security while maintaining the functionality to handle SSL certificate issues in your local testing environment. 3. Using GuzzleHTTP (Laravel v6+): Laravel 6 and above provide a built-in HTTP client, called GuzzleHTTP, which has better SSL certificate handling. It allows you to create custom transports for specific requests. You can either set the verify option to false or define a custom transport with a trusted SSL certificate: ```php use GuzzleHttp\Client; $client = new Client([ 'verify' => false, // Disable SSL check globally 'transports' => [ 'https' => [ 'handler' => \GuzzleHttp\HandlerStack::create( new GuzzleHttp\Middleware[] { new \GuzzleHttp\Middleware::mapRequestTo('http', function ($r) { $r->setUri($apiUrl); return $r; }), new \GuzzleHttp\Middleware::trustProtoHeader(), } ), ], ] ]); ```Conclusion: Bypassing the SSL certificate problem in your Laravel application depends on the context and your specific needs. Each approach has its pros and cons, but it's essential to ensure secure communication when handling sensitive information from payment gateways or APIs. It is highly recommended to use a trusted environment or custom transport when dealing with such scenarios. For more guidance, you can visit https://laravelcompany.com/blog for comprehensive tutorials and best practices on Laravel development.