Am 2019-08-29 16:51, schrieb Gary Stainburn:
On Thursday 29 August 2019 15:45:44 Gordon Messmer wrote:
On 8/29/19 3:03 AM, Gary Stainburn wrote:
> https://us-east.repo.webtatic.com/yum/el7/x86_64/repodata/repomd.xml: [Errno 14] curl#60 - "Peer's Certificate issuer is not recognized."
What do you see when you run:
openssl s_client -showcerts -connect
us-east.repo.webtatic.com:443
That seems to work fine on the faulty server.
[root@stan2 ~]# openssl s_client -showcerts -connect
us-east.repo.webtatic.com:443
CONNECTED(00000003)
depth=2 O = Digital Signature Trust Co., CN = DST Root CA X3
verify return:1
depth=1 C = US, O = Let's Encrypt, CN = Let's Encrypt Authority X3
verify return:1
depth=0 CN = webtatic.com
verify return:1
[ ... ]
Verify return code: 0 (ok)
Hi,
yum uses libcurl behind the scenes and thus NSS and not OpenSSL.
Do you get something indicative when running:
URLGRABBER_DEBUG=1 yum --disablerepo=\* --enablerepo=webtatic
check-update
Alexander
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
