I was trying to upgrade WordPress on one of my servers, but kept receiving an SSL-related error:

Peer certificate cannot be authenticated with known CA certificates.

I verified the SSL certificate on the server and there are no issues with it as far as I can tell, but I’d be curious to know if someone else figures out the actual cause.

That said, and as a quick work-around, you can prevent cURL from verifying the certificate just during WordPress upgrades:

add_action(
	'load-upgrade.php',
	'my_load_upgrade_php'
);

function my_load_upgrade_php() {
	add_filter(
		'http_request_args',
		'my_http_request_args',
		10,
		2
	);
}

function my_http_request_args($args, $url) {
	$args['sslverify'] = false;
	return $args;
}

What this will do is set CURLOPT_SSL_VERIFYPEER to false:

curl_setopt( $handle, CURLOPT_SSL_VERIFYPEER, false );