subscription-manager certificate verify failed
Around 7:17 AM EST this morning, all of our RHEL workstations started getting errors with subscription-manager:
[root@ceres scripts]# /usr/sbin/subscription-manager status
+-------------------------------------------+
System Status Details
+-------------------------------------------+
Overall Status: Unknown
[root@ceres scripts]# /usr/sbin/subscription-manager identity
server type: RHN Classic and Red Hat Subscription Management
Unable to verify server's identity: certificate verify failed
All of the workstations are running 6.5/6.6 with most having 6.6 including python-rhsm-1.12.5-2.el6.x86_64.
From the rhsm logs:
2014-10-29 07:17:10,094 [INFO] subscription-manager @managercli.py:298 - Client Versions: {'python-rhsm': '1.12.5-2.el6', 'subscription-manager': '1.12.14-7.el6'}
2014-10-29 07:17:10,094 [INFO] subscription-manager @connection.py:659 - Using certificate authentication: key = /etc/pki/consumer/key.pem, cert = /etc/pki/consumer/cert.pem, ca = /etc/rhsm/ca/, insecure = False
2014-10-29 07:17:10,095 [INFO] subscription-manager @connection.py:670 - Connection Built: host: subscription.rhn.redhat.com, port: 443, handler: /subscription
2014-10-29 07:17:10,095 [INFO] subscription-manager @connection.py:666 - Using no auth
2014-10-29 07:17:10,095 [INFO] subscription-manager @connection.py:670 - Connection Built: host: subscription.rhn.redhat.com, port: 443, handler: /subscription
2014-10-29 07:17:10,113 [DEBUG] subscription-manager @connection.py:414 - Loaded CA certificates from /etc/rhsm/ca/: candlepin-stage.pem, redhat-uep.pem
2014-10-29 07:17:10,114 [DEBUG] subscription-manager @connection.py:446 - Making request: GET /subscription/
2014-10-29 07:17:10,252 [ERROR] subscription-manager @utils.py:263 - Error while checking server version: certificate verify failed
2014-10-29 07:17:10,253 [ERROR] subscription-manager @utils.py:265 - certificate verify failed
Traceback (most recent call last):
File "/usr/share/rhsm/subscription_manager/utils.py", line 243, in get_server_versions
if cp.supports_resource("status"):
File "/usr/lib64/python2.6/site-packages/rhsm/connection.py", line 696, in supports_resource
self._load_supported_resources()
File "/usr/lib64/python2.6/site-packages/rhsm/connection.py", line 683, in _load_supported_resources
resources_list = self.conn.request_get("/")
File "/usr/lib64/python2.6/site-packages/rhsm/connection.py", line 550, in request_get
return self._request("GET", method)
File "/usr/lib64/python2.6/site-packages/rhsm/connection.py", line 453, in _request
conn.request(request_type, handler, body=body, headers=headers)
File "/usr/lib64/python2.6/httplib.py", line 914, in request
self._send_request(method, url, body, headers)
File "/usr/lib64/python2.6/httplib.py", line 951, in _send_request
self.endheaders()
File "/usr/lib64/python2.6/httplib.py", line 908, in endheaders
self._send_output()
File "/usr/lib64/python2.6/httplib.py", line 780, in _send_output
self.send(msg)
File "/usr/lib64/python2.6/httplib.py", line 739, in send
self.connect()
File "/usr/lib64/python2.6/site-packages/M2Crypto/httpslib.py", line 58, in connect
sock.connect((self.host, self.port))
File "/usr/lib64/python2.6/site-packages/M2Crypto/SSL/Connection.py", line 185, in connect
ret = self.connect_ssl()
File "/usr/lib64/python2.6/site-packages/M2Crypto/SSL/Connection.py", line 178, in connect_ssl
return m2.ssl_connect(self.ssl, self._timeout)
SSLError: certificate verify failed