This message appears if you use a firewall or a proxy server that breaks SSL connections and re-encrypts them afterwards with its own certificate. Matomo uses a cacert file extracted from the Firefox browser and is therefore unable to connect to any SSL encrypted page with your specific setup.

To solve this issue, you are able to provide your own cacert file that trusts your proxies certificate. To use your own file, follow these steps:

  1. upload your cacert.pem file in a folder on your server such as /path/to/your/cacert.pem
  2. add custom_cacert_pem = "/path/to/your/cacert.pem" to the [General] section of your config file config/config.ini.php.
  3. Make sure the certification is readable by your webserver.
Previous FAQ: What to do when you see curl: (60) SSL certificate problem: unable to get local issuer certificate error?