Red Hat Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

Runtimes

Integration and Automation

  • Comments

    • Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/repodata/repomd.xml [SSL certificate problem: self signed certificate in certificate chain]

    Posted on

    I am getting "Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/repodata/repomd.xml [SSL certificate problem: self signed certificate in certificate chain]" have redownloaded certificate , still ending up with same issue

    [root@localhost anchors]# curl -o https://curl.se/ca/cacert.pem /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
    curl: (3) malformed
    [root@localhost anchors]# curl -o /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem https://curl.se/ca/cacert.pem
    % Total % Received % Xferd Average Speed Time Time Time Current
    Dload Upload Total Spent Left Speed
    100 221k 100 221k 0 0 458k 0 --:--:-- --:--:-- --:--:-- 458k
    [root@localhost anchors]# ls -lrt /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
    -r--r--r--. 1 root root 226639 Dec 16 22:27 /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
    [root@localhost anchors]# date;time
    Sat Dec 16 22:27:27 IST 2023

    real 0m0.000s
    user 0m0.000s
    sys 0m0.000s
    [root@localhost anchors]# sudo ln -sf /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/pki/tls/certs/ca-bundle.crt
    [root@localhost anchors]# ls -lrt /etc/pki/tls/certs/ca-bundle.crt
    lrwxrwxrwx. 1 root root 49 Dec 16 22:27 /etc/pki/tls/certs/ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
    [root@localhost anchors]# sudo update-ca-trust
    [root@localhost anchors]# yum update -y ca-certificates
    Updating Subscription Management repositories.
    Red Hat Enterprise Linux 8 - BaseOS 0.0 B/s | 0 B 00:00
    Errors during downloading metadata for repository 'base':
    - Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/repodata/repomd.xml [SSL certificate problem: self signed certificate in certificate chain]
    Error: Failed to download metadata for repo 'base': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
    [root@localhost anchors]# curl -V
    curl 7.61.1 (x86_64-redhat-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1k zlib/1.2.11 brotli/1.0.6 libidn2/2.2.0 libpsl/0.20.2 (+libidn2/2.2.0) libssh/0.9.6/openssl/zlib nghttp2/1.33.0
    Release-Date: 2018-09-05
    Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
    Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz brotli TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
    [root@localhost anchors]#

    by

    points

    Responses

    Red Hat LinkedIn YouTube Facebook X, formerly Twitter

    Quick Links

    Help

    Site Info

    Related Sites

    © 2026 Red Hat