You need to dig deeper - I will give you a start ... > > > Sometime in Feb, yum updated something to do with ca-bundle. The "something" is the ca-certificates.noarch rpm. It is updated every year around May. The last update was around May 16th this year. Not February. > > > I didn't > > > notice at the time, but it put these two files on my machine: > > > > > > /etc/pki/tls/certs/ca-bundle.trust.crt.rpmnew and > > > > > > /etc/pki/tls/certs/ca-bundle.crt.rpmnew > > > > > > Both of those on the existing system are symbolic links > > > > > > ca-bundle.trust.crt -> > > > /etc/pki/ca-trust/extracted/openssl/ca-bundle-trust.crt and > > > > > > ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem That is what is defined in the ca-certificates package. See the output of rpm -qv --list ca-certificates-2018.2.22-70.0.el7_5.noarch > > > > > > I'm not sure how exactly I'm supposed to use thes files to update those > > > locations. one points to a .pem file, which the .rpmnew file is not, and > > > there is no file of the corresponding name in the direstory pointed to > > > by the link. What do the .rpmnew files contain? The repository version of those files are symlinks, so to me it looks like some other package is trying to install those files. > > > > > > Shouldn't the rpm have "done the right thing", and put them where they > > > belong? There is something that is stopping it from "doing the right thing". > > > > Except as noted above, there is no ca-bundle.crt file in the tree, only > this: > > tls-ca-bundle.pem > > > > Do I rename it, or what? > The simple answer is possibly. The sensible answer is that you need to find out if anything has tried to add different certificate files (and why) and work around that to work out what the best thing to do is. Use the 'rpm' command to find out what provides that files that have a .rpmnew suffix: rpm -q --whatprovides /etc/pki/tls/certs/ca-bundle.trust.crt It should come up with just one package - the ca-certificates-2018 package. If it returns multiple packages, then something else is causing confusion. P.