«

»

Oct
02
2008

Red Hat RHN SSL certificate verification error

Categories:

by

I was trying to connect to RHN from Yum/up2date in Red Hat Enterprise Linux 5. I kept getting fatal invalid SSL cert errors. The strange part – out of all of the machines I tested it was only occuring on a single RHEL 5 laptop. The really strange part – it was happening on the host as well as inside a guest in a VM running in VMware Player.

If you get this:


[root@rhel5-vm ~]# yum search openoffice
Loading "rhnplugin" plugin
Loading "installonlyn" plugin
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.main(sys.argv[1:])
File "/usr/share/yum-cli/yummain.py", line 85, in main
base.getOptionsConfig(args)
File "/usr/share/yum-cli/cli.py", line 199, in getOptionsConfig
errorlevel=opts.errorlevel)
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 134, in doConfigSetup
self.plugins.run('init')
File "/usr/lib/python2.4/site-packages/yum/plugins.py", line 153, in run
func(conduitcls(self, self.base, conf, **kwargs))
File "/usr/lib/yum-plugins/rhnplugin.py", line 88, in init_hook
login_info = up2dateAuth.getLoginInfo()
File "/usr/share/rhn/up2date_client/up2dateAuth.py", line 139, in getLoginInfo
login()
File "/usr/share/rhn/up2date_client/up2dateAuth.py", line 98, in login
li = server.up2date.login(systemId)
File "/usr/share/rhn/up2date_client/rhnserver.py", line 64, in __call__
raise up2dateErrors.SSLCertificateVerifyFailedError()
up2date_client.up2dateErrors.SSLCertificateVerifyFailedError: The SSL certificate failed verification.

Check the date/time on the machine. Mine was a VM syncing w/ a host clock with a bad CMOS battery. Caused it to think it was 2005 and the cert wasn’t valid yet. Also explains why it happened in both host and guest.

This post has no tag

3 comments

  1. Joe Kazura says:

    Wednesday, November 12, 2008 at 7:32 am (UTC -5)

    I get the same error, but on a ‘real’ RHEL 5 box WITH the correct date & time set.

  2. spencer says:

    Wednesday, November 12, 2008 at 10:24 am (UTC -5)

    Joe,

    Have you tried re-installing the SSL cert by following the directions at the RHN site?

    Also any info in the audit logs or system logs?

  3. Ger says:

    Thursday, June 3, 2010 at 4:26 am (UTC -5)

    Thanks, I was running into this problem and it turns out that the date was wrong.. :)

    Thanks again!!

    Greetings,
    Ger.

Leave a Reply