623470 – Under x86_64, RHEL yum update fails with: Error: certificate verify failed

Bug 623470 - Under x86_64, RHEL yum update fails with: Error: certificate verify failed

Summary: Under x86_64, RHEL yum update fails with: Error: certificate verify failed

Keywords:
Status:	CLOSED INSUFFICIENT_DATA
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	yum-rhn-plugin
Sub Component:
Version:	5.5
Hardware:	x86_64
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	rc
Target Release:	---
Assignee:	Miroslav Suchý
QA Contact:	Red Hat Satellite QA List
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2010-08-11 20:45 UTC by Forrest Aldrich
Modified:	2014-01-21 06:19 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2010-08-13 15:19:28 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Forrest Aldrich 2010-08-11 20:45:20 UTC

Description of problem:

We installed 3 new rhel 5.5 systems yesterday; each of which are generating this error " Error: certificate verify failed" in response to a basic "yum update". From what I can gather, via a general search, this may be isolated to x86_64 -- however the references I found were specific to Satellite Server (which we are not using). Never the less, I checked the PATHs for the cert and they are correct.

All of our 32 bit systems are running RHEL 5.5 and this is not a problem on any of them.


Version-Release number of selected component (if applicable):

yum version 3.2.22

How reproducible:

Type "yum update" as root.

Steps to Reproduce:
1.
2.
3.
  
Actual results:

# yum clean all
Loaded plugins: rhnplugin, security
Cleaning up Everything

# yum update
Loaded plugins: rhnplugin, security
rhel-x86_64-server-5                                                                      | 1.4 kB     00:00     
Error: certificate verify failed

Expected results:

Expected successful update with current system patches.

Additional info:

Comment 1 Miroslav Suchý 2010-08-12 08:45:08 UTC

You are using rhn.redhat.com or satellite?

In other words, can you post output of:
grep serverURL /etc/sysconfig/rhn/up2date
grep sslCACert /etc/sysconfig/rhn/up2date

Comment 2 Forrest Aldrich 2010-08-12 17:53:59 UTC

We do not use Satellite Server.  This installation image for x86_64 was downloaded directly from the redhat.com site as of 2 days ago.  There were no other changes made.

In reference to the requested info:

# grep serverURL /etc/sysconfig/rhn/up2date

serverURL[comment]=Remote server URL
serverURL=https://xmlrpc.rhn.redhat.com/XMLRPC
disallowConfChanges=noReboot;sslCACert;useNoSSLForPackages;noSSLServerURL;serverURL;disallowConfChanges;


# grep sslCACert /etc/sysconfig/rhn/up2date 

disallowConfChanges=noReboot;sslCACert;useNoSSLForPackages;noSSLServerURL;serverURL;disallowConfChanges;
sslCACert[comment]=The CA cert used to verify the ssl server
sslCACert=/usr/share/rhn/RHNS-CA-CERT

Comment 3 Miroslav Suchý 2010-08-13 15:19:28 UTC

Your settings are indeed correct. But we could not reproduce it. If you are still getting this error, then I would suggest you to contact customer service, which can help you diagnose the problem.
I'm closing this bugzilla as I do not have enough data to reproduce it.

Note You need to log in before you can comment on or make changes to this bug.