[CentOS] I broke "yum update" - C7
Alexander Dalloz
ad+lists at uni-x.org
Thu Aug 29 15:20:00 UTC 2019
Am 2019-08-29 16:51, schrieb Gary Stainburn:
> On Thursday 29 August 2019 15:45:44 Gordon Messmer wrote:
>> On 8/29/19 3:03 AM, Gary Stainburn wrote:
>> > https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized."
>>
>>
>> What do you see when you run:
>>
>> openssl s_client -showcerts -connect
>> us-east.repo.webtatic.com:443
>
> That seems to work fine on the faulty server.
>
> [root at stan2 ~]# openssl s_client -showcerts -connect
> us-east.repo.webtatic.com:443
> CONNECTED(00000003)
> depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
> verify return:1
> depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
> verify return:1
> depth=0 CN = webtatic.com
> verify return:1
[ ... ]
> Verify return code: 0 (ok)
Hi,
yum uses libcurl behind the scenes and thus NSS and not OpenSSL.
Do you get something indicative when running:
URLGRABBER_DEBUG=1 yum --disablerepo=\* --enablerepo=webtatic
check-update
Alexander
More information about the CentOS
mailing list