[CentOS] Can't upgrade sssd-*

Fri Apr 2 15:02:33 UTC 2021
Valeri Galtsev <galtsev at kicp.uchicago.edu>

On 4/2/21 9:46 AM, Johnny Hughes wrote:
> On 4/1/21 12:32 PM, Warren Young wrote:
>> On Mar 26, 2021, at 7:08 AM, Warren Young <warren at etr-usa.com> wrote:
>>> Is anyone else getting this on dnf upgrade?
>>> [MIRROR] sssd-proxy-2.3.0-9.el8.x86_64.rpm: Interrupted by header callback: Server reports Content-Length: 9937 but expected size is: 143980
>> The short reply size made me think to try a packet capture, and it turned out to be a message from the site’s “transparent” HTTP proxy, telling me that content’s blocked.
>> Rather than fight with site IT over the block list, I have a new question: is there any plan for getting HTTPS-only updates in CentOS?  Changing all “http” to “https” in my repo conf files just made the update stall, so I assume there are mirrors that are still HTTP-only.

The mirror I still maintain IS http only:


as of this moment I have no plans to change anything (like remove CentOS 
from mirror machine, or force/redirect http to https on the server side).

I hope, this helps.


> No .. we host things on donated servers, we therefore are not putting
> private keys on there.  That (and external mirrors) is why we SIGN
> repodata.xml.  We just can't risk putting private keys for centos.org on
> machines that are donated.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos

Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247