Updating WordPress on Xampp behind Corporate Proxy [Windows]

From time to time I’m forced to search the whole wide web in order to find solutions for issues that come up. What I will post next is not a scientific guide but it may help others, and possibily avoid you the time waste I suffered.


If you use Xampp behind a corporate proxy, you may have dealt with this problem, where everything in your wordpress platform appears blocked, since feeds to updates.

When you visit the update dashboard, you probably won’t get any result, as without communication, it says everything is falsely up to date.


To fix this, you will need to tell wordpress which are the proxy details of your environment, so on the wp-config.php file insert the following lines:

define('WP_PROXY_HOST', 'https://proxyexampleurl');
define('WP_PROXY_PORT', '80');
define('WP_PROXY_USERNAME', 'username');
define('WP_PROXY_PASSWORD', 'password');
define('WP_PROXY_BYPASS_HOSTS', ', localhost:8080');

change the parameters above to match your own. I believe most of the lines are self-explanatory; if your proxy doesn’t require authentication, delete the username and password line.

The last line is related with your Xampp’s general address/IP, so it should be changed accordingly too.

From what I was able to found, this by itself should be enough to fix the issue, but from my own trial and error, it was clear it was not enough.

After the parameters above are correctly set, the wordpress platform was able to communicate successfully with the wordpress repository since it identified newer files to update, but was still not able to download and upgrade, and it was throwing the following error: 

cURL error 60: SSL certificate problem: unable to get local issuer certificate

This is related with the SSL certificate installed on your machine. A lot of folks recommend the following steps, which I could not left out, although they were not enough for my case (if you know you have this part figured out, jump down to wp-config edit again):

  1. Download “cacert.pem” from here: http://curl.haxx.se/docs/caextract.html.
  2. Copy and paste into a text file then save as cacert.pem.
  3. Save the cacert.pem file you created anywhere on your system.
    For example: Since we’re be modifying php.ini, and telling PHP where to look for this file, on a Windows server save the cacert.pem in “C:\php\extras\ssl”.
  4. Open your php.ini file and change the following:
; curl.cainfo = 


curl.cainfo = "C:\xampp\PHP\Extras\SSL\cacert.pem";  (or wherever you saved your cacert.pem file)


Restart your server.

If your `php.ini` file does not have the curl.cainfo line, just add it at the end of the file.

The steps above are general regarding the certificate installation on Windows, but they will only work if your Xampp installation is reading the defaults parameters (which for a whole lot of reasons, it may not be).


The element that did the trick for me was bypassing the SSL verification, which should only be used in development stage, never never never live (but since we are talking about updates on xampp).

Open your wp-config.php file and add the following lines in the very end:


require_once(ABSPATH . 'wp-settings.php');


add_filter('https_ssl_verify', '__return_false');
add_filter('https_local_ssl_verify', '__return_false');


And you should be good to go.

As stated earlier, this is just some help for others to find quicker what took me a little bit to gather. If you struggle with any of these steps, leave your comment below. Suggestions are also welcome!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.