| Summary: | rhn_check throws SSL.Error | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Boris Folgmann <boris> |
| Component: | up2date | Assignee: | Adrian Likins <alikins> |
| Status: | CLOSED NOTABUG | QA Contact: | Fanny Augustin <fmoquete> |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 8.0 | CC: | gafton, mihai.ibanescu, rob |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2003-08-06 23:03:22 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
Can you check the clock on the machine in question? This looks to be the kind of error I've seen on machines with badly off sync time clocks. The clock is ok. The problem was an overloaded/faulty (?) primary DNS. It returned always "non existing" for every lookup e.g. nslookup www.zvw.de printed: Non-authoritative answer: *** Can't find www.zvw.de: No On the next day it worked again. Sadly my ISP could not find any problem with his DNS. Because the DNS returned "non existing" the local resolver did not try the secondary server which returned true results according to nslookup. I have the identical problem on my system, but at Red Hat 9.0. My system clock is correct and up to date (I reset it using bot the redhat and time-a.nist.gov time servers, and neither fixed the problem). I have the identical problem on my system, but at Red Hat 9.0. My system clock is correct and up to date (I reset it using bot the redhat and time-a.nist.gov time servers, and neither fixed the problem). Rob, have a look at this, it should help you.
The certificate used by up2date and rhn_register to communicate with the
Red Hat Network reached its end of life on August 28th 2003. Users
attempting to connect to Red Hat Network will see SSL connection or
certificate verification failures.
New versions of the up2date and rhn_register clients are now available
which are required for continued access to Red Hat Network.
* RHSA-2003:267 for Red Hat Linux:
https://rhn.redhat.com/errata/RHSA-2003-267.html
* RHSA-2003:268 for Red Hat Enterprise Linux:
https://rhn.redhat.com/errata/RHSA-2003-268.html
New versions of the up2date client that contain the new certificate are
immediately available for download at:
https://rhn.redhat.com/help/latest-up2date.pxt
For users who would prefer to install the new certificate directly, it is
available at:
https://rhn.redhat.com/help/ssl_cert.pxt
- -the Red Hat Network Team
|
Description of problem: rhn_check fails. Version-Release number of selected component (if applicable): up2date-3.0.7-1 How reproducible: everytime Steps to Reproduce: 1. /usr/sbin/rhn_check -v 2. 3. Actual results: Traceback (most recent call last): File "/usr/sbin/rhn_check", line 237, in ? ACTION_VERSION, Status) File "/usr/lib/python2.2/xmlrpclib.py", line 821, in __call__ return self.__send(self.__name, args) File "/usr/lib/python2.2/site-packages/rhn/rpclib.py", line 126, in _request verbose=self._verbose File "/usr/lib/python2.2/site-packages/rhn/transports.py", line 118, in request headers, fd = req.send_http(host, handler) File "/usr/lib/python2.2/site-packages/rhn/transports.py", line 602, in send_http headers=self.headers) File "/usr/lib/python2.2/httplib.py", line 537, in request self._send_request(method, url, body, headers) File "/usr/lib/python2.2/httplib.py", line 553, in _send_request self.putrequest(method, url) File "/usr/lib/python2.2/httplib.py", line 453, in putrequest self.send(str) File "/usr/lib/python2.2/httplib.py", line 407, in send self.sock.sendall(str) File "/usr/lib/python2.2/site-packages/rhn/SSL.py", line 185, in write sent = self._connection.send(data) SSL.Error: [('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')] Expected results: install packages Additional info: worked weeks ago