Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/repodata/repomd.xml [SSL certificate problem: self signed certificate in certificate chain]

Latest response

I am getting "Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/repodata/repomd.xml [SSL certificate problem: self signed certificate in certificate chain]" have redownloaded certificate , still ending up with same issue

[root@localhost anchors]# curl -o https://curl.se/ca/cacert.pem /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
curl: (3) malformed
[root@localhost anchors]# curl -o /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem https://curl.se/ca/cacert.pem
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 221k 100 221k 0 0 458k 0 --:--:-- --:--:-- --:--:-- 458k
[root@localhost anchors]# ls -lrt /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
-r--r--r--. 1 root root 226639 Dec 16 22:27 /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
[root@localhost anchors]# date;time
Sat Dec 16 22:27:27 IST 2023

real 0m0.000s
user 0m0.000s
sys 0m0.000s
[root@localhost anchors]# sudo ln -sf /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem /etc/pki/tls/certs/ca-bundle.crt
[root@localhost anchors]# ls -lrt /etc/pki/tls/certs/ca-bundle.crt
lrwxrwxrwx. 1 root root 49 Dec 16 22:27 /etc/pki/tls/certs/ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem
[root@localhost anchors]# sudo update-ca-trust
[root@localhost anchors]# yum update -y ca-certificates
Updating Subscription Management repositories.
Red Hat Enterprise Linux 8 - BaseOS 0.0 B/s | 0 B 00:00
Errors during downloading metadata for repository 'base':
- Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/repodata/repomd.xml [SSL certificate problem: self signed certificate in certificate chain]
Error: Failed to download metadata for repo 'base': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
[root@localhost anchors]# curl -V
curl 7.61.1 (x86_64-redhat-linux-gnu) libcurl/7.61.1 OpenSSL/1.1.1k zlib/1.2.11 brotli/1.0.6 libidn2/2.2.0 libpsl/0.20.2 (+libidn2/2.2.0) libssh/0.9.6/openssl/zlib nghttp2/1.33.0
Release-Date: 2018-09-05
Protocols: dict file ftp ftps gopher http https imap imaps ldap ldaps pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp
Features: AsynchDNS IDN IPv6 Largefile GSS-API Kerberos SPNEGO NTLM NTLM_WB SSL libz brotli TLS-SRP HTTP2 UnixSockets HTTPS-proxy PSL
[root@localhost anchors]#

ra

Responses