Curl Error "No Alternative Certificate.."

Curl: Fix CURL (51) SSL error: no alternative certificate subject name matches

It usually happens when the certificate does not match with the host name.

The solution would be to contact the host and ask it to fix its certificate.

Otherwise you can turn off cURL's verification of the certificate, use the -k (or --insecure) option.

Please note that as the option said, it is insecure. You shouldn't use this option because it allows man-in-the-middle attacks and defeats the purpose of HTTPS.

More can be found in here: http://curl.haxx.se/docs/sslcerts.html

curl --cacert error curl: (60) SSL: no alternative certificate subject name matches target host name

Use wget. --ca-certificate=path/to/PEM/ca/cert

Curl error no alternative certificate..

To summarize from the comments:

The good and the bad system actually accessed different servers which were configured with different certificates. That's why it failed on one system but not on the other.
The reason for this difference was that the bad system had an entry in /etc/hosts which was used instead of asking the DNS server.
The problem was found by comparing the output of curl -v and realizing that the shown target IP address was different.
The problem was fixed by removing the old entry in /etc/hosts so that it now queries the DNS server and gets the correct IP address of the server.

message: cURL error 60: SSL: no alternative certificate subject name matches target host name 'api-.pusher.com'

I think you should install the CURL extension as below (on Linux):

sudo apt-get install php-curl

This will install a dependency package, which depends on the default PHP version. After that restart apache

sudo service apache2 restart

on windows:
read this article

cURL error 60: SSL: no alternative certificate subject name matches target host name. Inter-project communication

When you want one DDEV-Local project to talk to another using https, curl on the client side has to trust the server side that you're talking to. There are two ways to do this:

(built-in, no changes needed): Use ddev-<projectname>-web (the container name) as the target hostname in the URL. For example in your case, use curl https://ddev-drupal7migration2-web. This hostname is already trusted among various ddev projects.
(requires docker-compose.*.yaml): If you want to use the real full FQDN of the target project (https://drupal7migration2.ddev.site in your case) then you'll need to add that as an external_link in the client project's .ddev. So add a file named .ddev/docker-compose.external_links.yaml in the client side (migration1?) project, with these contents:

version: '3.6'
services:
  web:
    external_links:
    - "ddev-router:drupal7migration2.ddev.site"

That will tell Docker to route requests to "drupal7migration2.ddev.site" to the ddev-router, and your container and curl trust it (it has that name in its cert list).

cURL error 60: SSL certificate: unable to get local issuer certificate

How to solve this problem:

download and extract cacert.pem following the instructions at https://curl.se/docs/caextract.html
save it on your filesystem somewhere (for example, XAMPP users might use C:\xampp\php\extras\ssl\cacert.pem)
in your php.ini, put this file location in the [curl] section (putting it in the [openssl] section is also a good idea):

[curl]
curl.cainfo = "C:\xampp\php\extras\ssl\cacert.pem"

[openssl]
openssl.cafile = "C:\xampp\php\extras\ssl\cacert.pem"

restart your webserver (e.g. Apache) and PHP FPM server if applicable

(Reference: https://laracasts.com/discuss/channels/general-discussion/curl-error-60-ssl-certificate-problem-unable-to-get-local-issuer-certificate)