Unable to get local issuer certificate error

We have been using postman runner for a while now but have started receiving the error “unable to get local issuer certificate” Does anyone know what this means and how to resolve. My team are not developers and self taught with Postman and API’s so forgive our ignorance

try turning off “SSL certificate verification” under File->Settings

I’m getting this error on latest versions of Postman like on win64-7.28.0, win64-7.29.1.
Error has gone when I degraded it to win64-7.13.0.

“SSL certificate verification” is On under settings.

Let me know if it also works for you

I was on version 8.0.3 and got the same error message as @amymcclatchy. I’d really rather keep SSL certificate verification ON to catch issues with expired certificates. I have tried using the version mentioned by @rich.browserstack that I downloaded from https://dl.pstmn.io/download/version/7.13.0/win64, but I still get the same error message.

What “local issuer certificate” is Postman trying to get?

This is a simple GET request, and Chrome does not seem to think there’s anything wrong with the certificate…

Hi @security-explorer-42,

Welcome to the community!

The issue is likely that there is no trust established with the certificate from the endpoint you are hitting, and your client, or Postman.

Doing some googling, it looks like this issue could be related to the server endpoint, and not Postman, where TLS is not properly set up. Are you experiencing this issue with other clients? What does Chrome actually show you? Are the developers of the endpoint aware of this issue? Maybe try a curl request to see if the same issue arises.

You’ll likely have to do a bit more troubleshooting to really see where the error is, but for now, this is your best start.

@odanylewycz using curl helped us determine that there were no errors with the endpoint itself. It turned out that we needed get a bundle of our company’s internal CA root and intermediate certificates. We specified the bundle in Postman (Settings >> Certificates >> CA Certificates), then we could turn ON the Settings >> General >> SSL certificate verification and no longer received either of the errors (“unable to get local issuer certificate” or “unable to verify the first certificate”).

Hi @security-explorer-42,

Great to hear, sounds like good troubleshooting to me.

My second option was about importing the proper CA certs (including intermediaries), into Postman and then trying it out, however I have usually seen slightly different errors. Maybe it was because intermediary certs were needed here.

Anyway, thanks for sharing your solution with the community!

I have SSL Certification Verification switched off and I’m still getting this error message.

If the issue persists, you can disable SSL certificate verification by going to Settings (the gear icon) > General tab > turn off “SSL certificate verification”. Additionally, make sure the server’s certificate chain is complete, and install any missing root or intermediate certificates on your system. If you’re using a self-signed certificate, you can add the CA certificate under Settings > Certificates in Postman. Further, you can read https://cheapsslweb.com/blog/fixing-unable-to-get-issuer-cert-locally-error/ or you can find on github also to get resolve.

The “unable to get local issuer certificate” error in Postman typically occurs when the client (Postman) cannot verify the SSL certificate chain from the server. This often happens because Postman is missing the root certificate required to validate the chain.

To resolve this, you can disable SSL certificate verification in Postman under Settings > General, or you can install the missing certificates locally. You can learn more about fixing this error at - How to Fix Unable to Get Local Issuer Certificate Error (found from Google).

For anyone who had SSL Verification Off, also make sure it’s off in the request itself under “settings,” not just in File → Settings. This was my issue.

I have had this error using Newman when I was exporting the collection with the version v2.1. Using the v2, it has worked
I hope this help!!

image575×511 22.5 KB

The “Unable to Get Local Issuer Certificate” error stems from a misconfigured SSL certificate on your local machine. This misconfiguration prevents a successful HTTPS handshake from taking place. The error is often linked to self-signed or corporate certificates, particularly with Git. (Self-signed certificates are mainly used in testing or development environments and are not verified by trusted Certificate Authorities. Git may throw an error when encountering such certificates.

To fix the SSL/TLS error, you can perform any one of the methods mentioned below. There are different methods for error fixes, such as:-

1. Alter the php.ini File

2. Add SSL Certificate to Trusted Certificate Store

3. Reinstall Git & Select SSL Transport Backend Option

4. Grant Repository Access to SSL Certificates or Reassign Path in VS Code

5. Disable the SSL certificate

Apologies for replying to an old thread, but this was a top result in the search engine for this error message. If anyone else runs into this, here’s another suggestion for you:

If you have access to a VPN, and it’s off right now, try turning it on (or if it’s already on, try turning it off), then re-run the request in Postman.

I saw this error message on a work computer. As it happens, my company issues custom certificates. Duh! That certificate is not reachable unless connected through their VPN. I had been issued a replacement laptop recently and normally I don’t use their VPN unless I’m doing specific things because it breaks other services I need access to. Looks like for this case, it’s reversed! Haha.

If you aren’t sure if/how your certs are issued:

1. In your browser, go to the site you’re trying to hit in Postman
2. Click the lock icon in the URL area of your browser
3. Click “Connection is secure”
4. There will a small icon in the second panel that you can click on (my icon looks like a small card with an award on it.) Click that icon
5. You should now be able to see the certificate for that site. In the General tab of your cert, you should be able to see the issuance details

Hopefully from there you can deduce the problem. Maybe the cert expired. Maybe it’s a VPN or a proxy thing like it was for me. Maybe the CN changed and invalidated the associated records. Something like that. I would assume those other things have different error messages, but who knows with Postman sometimes!

Quick example: if you’re doing a lot of reverse proxy work for a self hosted site you turned HTTPS on for, you’re probably going to want to look at the certificates you had issued through Let’s Encrypt.

Hope that helps!