Am 2019-08-29 16:51, schrieb Gary Stainburn:
On Thursday 29 August 2019 15:45:44 Gordon Messmer wrote:
On 8/29/19 3:03 AM, Gary Stainburn wrote:
https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized."
What do you see when you run:
openssl s_client -showcerts -connect us-east.repo.webtatic.com:443
That seems to work fine on the faulty server.
[root@stan2 ~]# openssl s_client -showcerts -connect us-east.repo.webtatic.com:443 CONNECTED(00000003) depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 verify return:1 depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 verify return:1 depth=0 CN = webtatic.com verify return:1
[ ... ]
Verify return code: 0 (ok)
Hi,
yum uses libcurl behind the scenes and thus NSS and not OpenSSL.
Do you get something indicative when running:
URLGRABBER_DEBUG=1 yum --disablerepo=* --enablerepo=webtatic check-update
Alexander