Hide Forgot
I seem to be unable to update packages, packagekit stalls at "Downloading packages". When trying to do it via YUM I get: Could not get metalink https://mirrors.fedoraproject.org/metalink?repo=updates-released-f16&arch=x86_64 error was 14: Peer cert cannot be verified or peer cert invalid Could not get metalink https://mirrors.fedoraproject.org/metalink?repo=updates-released-debug-f16&arch=x86_64 error was 14: Peer cert cannot be verified or peer cert invalid and a lot of not found errors on mirrors, like: http://ftp.halifax.rwth-aachen.de/fedora/linux/updates/16/x86_64/debug/repodata/2de01cbcd1543996cce1922d68dbaa530935d6afe9b17ee9512778d0cca1f1ff-filelists.sqlite.bz2 Packages installed: # rpm -q yum nss openssl yum-3.4.3-5.fc16.noarch nss-3.13.1-2.fc16.x86_64 openssl-1.0.0e-1.fc16.x86_64 openssl-1.0.0e-1.fc16.i686
Is this the nss failure from earlier this week?
Yep, that looks like the nss-3.13.1-2 failure. http://www.happyassassin.net/2011/11/15/psa-bad-nss-update-for-f16-messing-up-yum/ Closing, as that was fixed before it got pushed out of updates-testing.
I know this is a closed bug in that the issue is resolved. However, recovering from this bug is not. I followed the instructions at the link in Comment 2 and was unable to downgrade the NSS packages. This appears to be partly due to the fact that some of the NSS packages installed were not version correctly such as; 0:3.13.1-2.fc16. The leading '0' looks to be a problem. What is your advice on how to complete the downgrade? [root@BRSINC-01 EB30750]# yum downgrade nss nss-devel nss-pkcs11-devel nss-sysinit nss-tools Loaded plugins: presto, refresh-packagekit Setting up Downgrade Process No Match for available package: nss-devel-3.12.10-7.fc16.i686 No Match for available package: nss-devel-3.12.10-7.fc16.x86_64 No Match for available package: nss-pkcs11-devel-3.12.10-7.fc16.i686 No Match for available package: nss-pkcs11-devel-3.12.10-7.fc16.x86_64 Resolving Dependencies --> Running transaction check ---> Package nss.i686 0:3.12.10-7.fc16 will be a downgrade ---> Package nss.x86_64 0:3.12.10-7.fc16 will be a downgrade ---> Package nss.i686 0:3.13.1-2.fc16 will be erased ---> Package nss.x86_64 0:3.13.1-2.fc16 will be erased ---> Package nss-sysinit.x86_64 0:3.12.10-7.fc16 will be a downgrade ---> Package nss-sysinit.x86_64 0:3.13.1-2.fc16 will be erased ---> Package nss-tools.x86_64 0:3.12.10-7.fc16 will be a downgrade ---> Package nss-tools.x86_64 0:3.13.1-2.fc16 will be erased --> Finished Dependency Resolution Dependencies Resolved ================================================================================ Package Arch Version Repository Size ================================================================================ Downgrading: nss i686 3.12.10-7.fc16 fedora 778 k nss x86_64 3.12.10-7.fc16 fedora 764 k nss-sysinit x86_64 3.12.10-7.fc16 fedora 32 k nss-tools x86_64 3.12.10-7.fc16 fedora 719 k Transaction Summary ================================================================================ Downgrade 4 Packages
The 0: you see there notes the package has Epoch 0, which is the common case. That shouldn't be a problem. Try 'yum clean metadata' then 'yum downgrade' again. Oddly, it's not matching on packages which clearly are in the F16 releases/ tree. Or, if yum is now broken because of the nss problem, go grab those packages manually from a mirror.
The one thing I had to do before downgrading was commenting out the mirrorlist in /etc/yum.repos.d/fedora.repo and uncommenting the baseurl line. Just remember to switch them back again after it's done ;)