how to configure yum/dnf to use https and a proxy

Latest response

Hello,

I'm trying to configure yum on a server which is located in a DMZ domain by using a proxy and https. The http protocol is prohibited between DMZ and the normal lan domain.

The yum.conf file looks like :

[main]
gpgcheck=1
installonly_limit=3
clean_requirements_on_remove=True
best=True
skip_if_unavailable=False
proxy=http://1.1.1.1:443

and the general repo file :

[lan-rhel-8-for-x86_64-baseos-rpms]
name=RHEL - - Updates
baseurl=https://localreposerver.domain.local/reposync/RedHat/8_current/x86_64/rhel-8-for-x86_64-baseos-rpms/
failovermethod=roundrobin
enabled=1
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
gpgcheck=1

[lan-rhel-8-for-x86_64-appstream-rpms]
name=RHEL - - Updates
baseurl=https://localreposerver.domain.local/reposync/RedHat/8_current/x86_64//rhel-8-for-x86_64-appstream-rpms/
failovermethod=roundrobin
enabled=1
gpgkey = file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
gpgcheck=1

The command : yum list available returns the following error :
Errors during downloading metadata for repository 'lan-rhel-8-for-x86_64-baseos-rpms':
- Curl error (56): Failure when receiving data from the peer for https://localreposerver.domain.local/reposync/RedHat/8_current/x86_64/rhel-8-for-x86_64-baseos-rpms/repodata/repomd.xml [Received HTTP code 405 from proxy after CONNECT]
Error: Failed to download metadata for repo 'lan-rhel-8-for-x86_64-baseos-rpms': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried

When I try to get the repomd.xml with a curl command, I receive as output :
curl -vvv -x 1.1.1.1:443 https://localreposerver.domain.local:443/reposync/RedHat/8_current/x86_64/rhel-8-for-x86_64-baseos-rpms/repodata/repomd.xml
* Trying 1.1.1.1...
* TCP_NODELAY set
* Connected to (1.1.1.1) port 443 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to localreposerver.domain.local:443

CONNECT localreposerver.domain.local:443 HTTP/1.1
Host: localreposerver.domain.local:443
User-Agent: curl/7.61.1
Proxy-Connection: Keep-Alive

< HTTP/1.1 405 Method Not Allowed
< Date: Wed, 15 Nov 2023 12:23:45 GMT
< Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips
< Allow: GET,HEAD,POST,OPTIONS,TRACE
< Content-Length: 225
< Content-Type: text/html; charset=iso-8859-1
<
* Received HTTP code 405 from proxy after CONNECT
* CONNECT phase completed!
* Closing connection 0
curl: (56) Received HTTP code 405 from proxy after CONNECT

What did I do wrong ?

thanks for your feedback

Daniel

DS

Responses