Description of problem: We installed 3 new rhel 5.5 systems yesterday; each of which are generating this error " Error: certificate verify failed" in response to a basic "yum update". From what I can gather, via a general search, this may be isolated to x86_64 -- however the references I found were specific to Satellite Server (which we are not using). Never the less, I checked the PATHs for the cert and they are correct. All of our 32 bit systems are running RHEL 5.5 and this is not a problem on any of them. Version-Release number of selected component (if applicable): yum version 3.2.22 How reproducible: Type "yum update" as root. Steps to Reproduce: 1. 2. 3. Actual results: # yum clean all Loaded plugins: rhnplugin, security Cleaning up Everything # yum update Loaded plugins: rhnplugin, security rhel-x86_64-server-5 | 1.4 kB 00:00 Error: certificate verify failed Expected results: Expected successful update with current system patches. Additional info:
You are using rhn.redhat.com or satellite? In other words, can you post output of: grep serverURL /etc/sysconfig/rhn/up2date grep sslCACert /etc/sysconfig/rhn/up2date
We do not use Satellite Server. This installation image for x86_64 was downloaded directly from the redhat.com site as of 2 days ago. There were no other changes made. In reference to the requested info: # grep serverURL /etc/sysconfig/rhn/up2date serverURL[comment]=Remote server URL serverURL=https://xmlrpc.rhn.redhat.com/XMLRPC disallowConfChanges=noReboot;sslCACert;useNoSSLForPackages;noSSLServerURL;serverURL;disallowConfChanges; # grep sslCACert /etc/sysconfig/rhn/up2date disallowConfChanges=noReboot;sslCACert;useNoSSLForPackages;noSSLServerURL;serverURL;disallowConfChanges; sslCACert[comment]=The CA cert used to verify the ssl server sslCACert=/usr/share/rhn/RHNS-CA-CERT
Your settings are indeed correct. But we could not reproduce it. If you are still getting this error, then I would suggest you to contact customer service, which can help you diagnose the problem. I'm closing this bugzilla as I do not have enough data to reproduce it.