Fatal error on Site Health screen: "Please don't turn CURLOPT_SSL_VERIFYHOST off"

[lxjtian]

WordPress 5.5 Beta 3

PHP 7.4

when I click ​https://www.aiyahu.net/wp-admin/site-health.php show error below

Fatal error: [snuffleupagus][disabled_function] Aborted execution on call of the function 'curl_setopt', because its argument '$option' content (81) matched the rule 'Please don't turn CURLOPT_SSL_VERIFYHOST off.' in /home/aiyahu/public_html/wp-includes/Requests/Transport/cURL.php on line 150

[Clorith]

Hiya, and welcome to the WordPress trac!

It looks like you've got some kind of security rules in place that do not allow applications to disable SSL verification on remote requests. There's not much we can do about this, unfortunately, although you could use the https_local_ssl_verify filter and return true on it (quickly done with add_filter( 'https_local_ssl_verify', '__return_true' );)

You will find that the same code is used when doing a loopback check, and when editing plugin or theme files. The reason it disables ssl verification is that it is connecting to it self (the same site), which can in some cases cause ssl certs to incorrectly be read as invalid.

as there's not much we can do about this, I'm going to suggest we close this ticket, but I'll leave it open for your input, as you may know more about the security rules you are using here.

[johnbillion]

Agreed, this is something you need to speak with your web host about. Best of luck!