Am 2019-08-29 16:51, schrieb Gary Stainburn: > On Thursday 29 August 2019 15:45:44 Gordon Messmer wrote: >> On 8/29/19 3:03 AM, Gary Stainburn wrote: >> > https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized." >> >> >> What do you see when you run: >> >> openssl s_client -showcerts -connect >> us-east.repo.webtatic.com:443 > > That seems to work fine on the faulty server. > > [root at stan2 ~]# openssl s_client -showcerts -connect > us-east.repo.webtatic.com:443 > CONNECTED(00000003) > depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3 > verify return:1 > depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3 > verify return:1 > depth=0 CN = webtatic.com > verify return:1 [ ... ] > Verify return code: 0 (ok) Hi, yum uses libcurl behind the scenes and thus NSS and not OpenSSL. Do you get something indicative when running: URLGRABBER_DEBUG=1 yum --disablerepo=\* --enablerepo=webtatic check-update Alexander