drupal-7drupal-8drushddev

cURL error 60: SSL: no alternative certificate subject name matches target host name. Inter-project communication


So I'm still in the process of updating a Drupal 7 site to 8 using drush and ddev. After running the import, I get an error with upgrade_d7_file. I've tried to install a certificate using this article: https://www.ddev.com/ddev-local/ddev-local-trusted-https-certificates/

However still get the error, any ideas?

ddev exec drush migrate-import --all
ddev exec drush mmsg upgrade_d7_file

cURL error 60: SSL: no alternative certificate subject name matches target host name
'drupal7migration2.ddev.site'
(see https://curl.haxx.se/libcurl/c/libcurl-errors.html)
(https://drupal7migration2.ddev.site//sites/default/files/Virtual%20Challenges%20%28Results%20and%2
0PBs%29%2020200709.xlsx)

Solution

  • When you want one DDEV project to talk to another using https, curl on the client side has to trust the server side that you're talking to. There are two ways to do this:

    1. (built-in, no changes needed): Use ddev-<projectname>-web (the container name) as the target hostname in the URL. For example in your case, use curl https://ddev-drupal7migration2-web. This hostname is already trusted among various ddev projects.

    2. (requires docker-compose.*.yaml): If you want to use the real full FQDN of the target project (https://drupal7migration2.ddev.site in your case) then you'll need to add that as an external_link in the client project's .ddev. So add a file named .ddev/docker-compose.external_links.yaml in the client side (migration1?) project, with these contents:

    services:
      web:
        external_links:
        - "ddev-router:drupal7migration2.ddev.site"
    

    That will tell Docker to route requests to "drupal7migration2.ddev.site" to the ddev-router, and your container and curl trust it (it has that name in its cert list).

    This is covered in more detail in the DDEV FAQ on this topic.