"Peer cert cannot be verified or peer cert invalid"
If you get an error similar to this for one of the XML files yum tries to fetch:
[Errno 14] Peer cert cannot be verified or peer cert invalid
Try this first:
- Try opening the XML file in your local browser and inspect whether the certificate passes.
- The cert is fine. Does it pass on your server? (Probably not, but try curl):
If this fails, but your browser can show the XML file just fine, you have isolated the problem to your OP5 Monitor server, and it's likely that you have an out-of-date CA bundle. Inspect the following folder:
# ls -la /etc/pki/tls/certs/
Look for a file ending in "rpmnew", and/or files that look outdated. An example of this would be these two files:
-rw-r--r-- 1 root root 441017 Jan 20 2010 ca-bundle.crt
-rw-r--r-- 1 root root 754217 Feb 28 2018 ca-bundle.crt.rpmnew
The first file should have been replaced, but for some reason, it wasn't. Move it somewhere else (/root for example), rename the rpmnew file and reload:
# cd /etc/pki/tls/certs
# mv ca-bundle.crt /root
# mv ca-bundle.crt.rpmnew ca-bundle.crt
You may need to update keys manually (404 Not Found)
If you run into the following error message when trying to perform a yum update:
Retrieving key from http://linux.dell.com/repo/hardware/latest/RPM-GPG-KEY-dell
GPG key retrieval failed: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found"
You may need to add these keys manually using the following commands:
rpm --import https://linux.dell.com/repo/pgp_pubkeys/0x1285491434D8786F.asc
rpm --import https://linux.dell.com/repo/pgp_pubkeys/0x756ba70b1019ced6.asc
rpm --import https://linux.dell.com/repo/pgp_pubkeys/0xca77951d23b66a9d.asc
After this, you can issue your yum update again.
Please sign in to leave a comment.