Posts Tagged ‘ssl’

CentOS 6 EPEL & YUM issues

June 24th, 2015 No comments

when trying to update an older CentOS 6.4 box, I was getting hte following errors:

[[email protected]~]# yum update
Loaded plugins: fastestmirror
Determining fastest mirrors
Could not get metalink error was
14: problem making ssl connection
* epel:
* remi:
* rpmforge:

Other places in the internet have suggested editing /etc/yum.repos.d/epel.repo and changing the URL from https://…. to http:// (removing the SSL). This does actually work, but it doesn’t seem very clever.

After lots of going round in circles and then some more clever diffing (`curl -v` is your friend) I realised that the SSL CAs on the box were out of date so it fails to validate the mirror list. And there’s a very easy and correct fix:

yum update ca-certificates

After doing the above epel and everything else is much happier.

Note, on my box, the following deps are also updated:

 Package                            Arch                   Version                                 Repository               Size
 ca-certificates                    noarch                 2015.2.4-65.0.1.el6_6                   updates                 1.3 M
 nss                                x86_64                 3.18.0-5.3.el6_6                        updates                 856 k
Installing for dependencies:
 p11-kit                            x86_64                 0.18.5-2.el6_5.2                        base                     94 k
 p11-kit-trust                      x86_64                 0.18.5-2.el6_5.2                        base                     71 k
Updating for dependencies:
 nspr                               x86_64                 4.10.8-1.el6_6                          updates                 113 k
 nss-softokn                        x86_64                 3.14.3-22.el6_6                         updates                 262 k
 nss-softokn-freebl                 x86_64                 3.14.3-22.el6_6                         updates                 167 k
 nss-sysinit                        x86_64                 3.18.0-5.3.el6_6                        updates                  45 k
 nss-tools                          x86_64                 3.18.0-5.3.el6_6                        updates                 433 k
 nss-util                           x86_64                 3.18.0-1.el6_6                          updates                  66 k

Transaction Summary
Install       2 Package(s)
Upgrade       8 Package(s)

Total download size: 3.3 M
Is this ok [y/N]:

To finish off I then run

yum clean all
yum makecache
Categories: CentOS & RHEL 6 Tags: ,