Receiving the error ‘yum certificate verify failed’ while updating packages using yum? Here’s how we fix it.
Here at Bobcares, we often receive requests to resolve the error SSL certificate failed verification as part of our Server Management Services.
Today, let’s discuss this error in detail and see how our Support Engineers fix it for our customers.
Why yum certificate verify failed?
We’ve seen many of our customers experiencing such errors due to certificate expiration, mismatch in server date and time, and so on.
Here is a sample error message screenshot.
Here the problem happened while the user tried to update the yum. The main reason for this error is the corrupted rhn-client-tools package.
We eliminated this problem by reinstalling rhn-client-tools from the RedHat site. Another quick fix suggested by our Engineers is disabling the SSLVerify and plugin yum-rhn-plugin.
Now, Let’s see how our Support Engineers fix the error yum certificate verify failed with different methods.
How can we rectify this error?
At Bobcares, where we have more than a decade of expertise in managing servers, we see many customers face problems with the error ‘SSL certificate failed verification’ while updating yum.
Now, let’s see the major reasons for this error to occur and how our Support Engineers fix the error via various methods.
Certificate expired
Recently, one of our customers approached us with ‘yum‘ failing with the error ‘certificate verifies failed‘ when he executed the following command.
yum update --verboseHe also claims that previously the command was properly working. While checking, we could trace that the yum certificate has been expired, and so we assisted the customer by updating it.
1. We then downloaded the new latest package from Redhat.
RHEL 8: https://access.redhat.com/downloads2. After that we installed the package:
rpm -Uvh rhn*.rpm3. Finally, we updated the packages:
rpm -Uvh up2date*.rpmThe certificate is now updated and the error has eliminated.
Server time and nameserver
While running the command yum check-update customer received the error The SSL certificate failed verification. On further checking our Support Engineers could trace that the issue is with the incorrect server time.
So, we have checked it with the following command:
ntpdate -qv pt.pool.ntp.orgAfter correcting the server’s date and time, which then allowed the certificate to be successfully validated for the rhnplugin. This helped us to resolve the problem with yum.
Another reason for this error is that the server should be able to resolve repo/cln websites properly.
So If the customer uses custom resolvers then it must be disabled in /etc/resolv.conf. Hence, we set 8.8.4.4 instead of custom resolvers.
nameserver 8.8.4.4This also rectified the problem of certificate failed verification.
A quick fix:
In certain cases the yum update have to be done immediately, in such cases, we can go for a temporary fix. One of our customers contacted us with the following error message. He received it while updating the CentOS 7 using yum update command.
The SSL certificate failed verificationInitially, we removed cached packages and headers using the following command:
yum clean allThen as a quick fix, we disabled sslverify in the configuration file /etc/yum.conf
sslverify=falseSince the parameter has not been taken into account by the plugin yum-rhn-plugin. Then we disabled the plugin yum-rhn-plugin by editing in the configuration file using the command
vim /etc/yum/pluginconf.d/rhnplugin.confWithin this file, we changed
enabled=1to
enabled=0After editing and saving this file we were able to update yum correctly. This is actually a temporary fix in which the certificate’s verification was disabled.
[Need more assistance on Yum certificate verify failed? We’ll help you]
Conclusion
In short, Yum certificate verify failed error occurs while running yum update. This occurs due to certificate expiration, mismatch in server date and time and so on. In today’s article, we discussed how our Support Engineers fix this error for our customers.
0 Comments