[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

[rhn-users] up2date SSL update fails

From: "Simon Hildrew" <simon hildrew net>
To: <rhn-users redhat com>
Subject: [rhn-users] up2date SSL update fails
Date: Thu, 2 Oct 2003 10:31:32 +0100

I'm not having a lot of luck updating my up2date installation on a new RH9
box (installed tuesday).

I download and install the packages as suggested and this seems to work fine
and the /usr/share/rhn/RHNS-CA-CERT file updates with the new certificates.
However, running up2date for the first time still produces this error:

Traceback (most recent call last):
  File "/usr/share/rhn/up2date_client/gui.py", line 405, in
onPrivacyPagePrepare
    text = rhnreg.privacyText()
  File "/usr/share/rhn/up2date_client/rhnreg.py", line 176, in privacyText
    return rpcServer.doCall(s.registration.privacy_statement)
  File "/usr/share/rhn/up2date_client/rpcServer.py", line 114, in doCall
    ret = apply(method, args, kwargs)
  File "/usr/lib/python2.2/xmlrpclib.py", line 821, in __call__
    return self.__send(self.__name, args)
  File "/usr/lib/python2.2/site-packages/rhn/rpclib.py", line 126, in
_request
    verbose=self._verbose
  File "/usr/lib/python2.2/site-packages/rhn/transports.py", line 130, in
request
    headers, fd = req.send_http(host, handler)
  File "/usr/lib/python2.2/site-packages/rhn/transports.py", line 614, in
send_http
    headers=self.headers)
  File "/usr/lib/python2.2/httplib.py", line 701, in request
    self._send_request(method, url, body, headers)
  File "/usr/lib/python2.2/httplib.py", line 723, in _send_request
    self.endheaders()
  File "/usr/lib/python2.2/httplib.py", line 695, in endheaders
    self._send_output()
  File "/usr/lib/python2.2/httplib.py", line 581, in _send_output
    self.send(msg)
  File "/usr/lib/python2.2/httplib.py", line 560, in send
    self.sock.sendall(str)
  File "/usr/lib/python2.2/site-packages/rhn/SSL.py", line 191, in write
    sent = self._connection.send(data)
SSL.Error: [('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate
verify failed')]

Following this I backed up the RHNS-CA-CERT file and deleted it.  I then
touched the file so it was writable.  Then I downloaded and ran the script
found on this page https://rhn.redhat.com/help/ssl_cert.pxt and used it to
try and update the certificate and received the following message:

Testing SSL connectivity against https://xmlrpc.rhn.redhat.com/XMLRPC ...

    Connectivity test ERROR: Failed to connect to server

    This error can be caused by one or more of the following:
    - lack on Internet connectivity;
    - running behind a proxy server. Please try running up2date
      instead to test SSL functionality.

    Despite this error, the file /usr/share/rhn/RHNS-CA-CERT
    has been updated to allow 'up2date' and 'rhn_register' to function
    properly.  Should you choose, you may restore a backup of your
    previous cert from the /usr/share/rhn/RHNS-CA-CERT.old file.

I can run lynx to this address and in works.  Additionally I have four other
boxes (which weren't new installs) and updating the up2date packages has
worked sucessfully on each of them.  I have also checked that it is not
iptables by temporarily stopping the iptables service.

If you have any suggestions I would appreciate you letting me know.

Thanks in advance,

Simon

Follow-Ups:
- Re: [rhn-users] up2date SSL update fails
  - From: Simon Hildrew

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]