Earlier today I stumbled across the popular Jetpack plugin for WordPress while configuring a self hosted installation for a client. Installing the plugin went fine, but once installed it then asks you to connect your site with wordpress.com to enable the features of the plugin. Unfortunately, clicking on the “connect to wordpress.com” button brought up the error message below –
Jetpack could not contact WordPress.com: token_http_request_failed. This usually means something is incorrectly configured on you web host. SSL certificate problem: self signed certificate in certificate chain
Now that error message isn’t particularly helpful, particularly if, as in this instance, the site wasn’t using SSL at all. I googled the error and found this support page on the wordpress forums, only to then discover it’s not resolved.
After more googling I found this post which indicated it might be something to with the jetpack/wordpress SSL certificate rather than that of the wordpress install we’re using.
So, between those two posts I decided to try hacking jetpack.php as mentioned in the wordpress forum post, which as the poster suggests, seems to fix the problem. While wordpress are silent on what the actual resolution is for this, I can confirm that changing –
defined( 'JETPACK__API_BASE' ) or define( 'JETPACK__API_BASE', 'https://jetpack.wordpress.com/jetpack.' );
defined( 'JETPACK__API_BASE' ) or define( 'JETPACK__API_BASE', 'http://jetpack.wordpress.com/jetpack.' );
in jetpack.php does indeed seem to fix things.
I wouldn’t claim to be an expert on SSL, but I think this may be down to how WordPress have decided to use Jetpack.me in place of jetpack.wordpress.com, but not updated the SSL certificate to reflect this. I may, of course be barking up the wrong tree there.
Only time will tell if that causes any issues further down the road.