yum コマンドを実行して、HTTP プロキシから証明書ベースの CDN コンテンツにアクセスすると、M2Crypto.SSL.SSLError: unexpected eof エラー (RHEL5) または [Errno 14] problem making ssl connection エラー (RHEL6) が発生する
Issue
- HTTP プロキシから証明書ベースの RHN にシステムを登録しました。
- ただし、HTTP プロキシ経由で、yum を使用してコンテンツを取得しようとすると SSL エラーが発生します。
- RHEL5 システムでは、以下のエラーが発生します。
root@rhel5:~# yum check-update
Loaded plugins: downloadonly, katello, product-id, subscription-manager
Updating certificate-based repositories.
Traceback (most recent call last):
File "/usr/bin/yum", line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File "/usr/share/yum-cli/yummain.py", line 309, in user_main
errcode = main(args)
File "/usr/share/yum-cli/yummain.py", line 178, in main
result, resultmsgs = base.doCommands()
File "/usr/share/yum-cli/cli.py", line 345, in doCommands
self._getTs(needTsRemove)
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 101, in _getTs
self._getTsInfo(remove_only)
File "/usr/lib/python2.4/site-packages/yum/depsolve.py", line 112, in _getTsInfo
pkgSack = self.pkgSack
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 662, in <lambda>
pkgSack = property(fget=lambda self: self._getSacks(),
File "/usr/lib/python2.4/site-packages/yum/__init__.py", line 502, in _getSacks
self.repos.populateSack(which=repos)
File "/usr/lib/python2.4/site-packages/yum/repos.py", line 260, in populateSack
sack.populate(repo, mdtype, callback, cacheonly)
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 168, in populate
if self._check_db_version(repo, mydbtype):
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 226, in _check_db_version
return repo._check_db_version(mdtype)
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1226, in _check_db_version
repoXML = self.repoXML
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1399, in <lambda>
repoXML = property(fget=lambda self: self._getRepoXML(),
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1391, in _getRepoXML
self._loadRepoXML(text=self)
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1381, in _loadRepoXML
return self._groupLoadRepoXML(text, ["primary"])
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1365, in _groupLoadRepoXML
if self._commonLoadRepoXML(text):
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 1201, in _commonLoadRepoXML
result = self._getFileRepoXML(local, text)
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 974, in _getFileRepoXML
cache=self.http_caching == 'all')
File "/usr/lib/python2.4/site-packages/yum/yumRepo.py", line 811, in _getFile
http_headers=headers,
File "/usr/lib/python2.4/site-packages/urlgrabber/mirror.py", line 412, in urlgrab
return self._mirror_try(func, url, kw)
File "/usr/lib/python2.4/site-packages/urlgrabber/mirror.py", line 398, in _mirror_try
return func_ref( *(fullurl,), **kwargs )
File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 936, in urlgrab
return self._retry(opts, retryfunc, url, filename)
File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 854, in _retry
r = apply(func, (opts,) + args, {})
File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 922, in retryfunc
fo = URLGrabberFileObject(url, filename, opts)
File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 1010, in __init__
self._do_open()
File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 1093, in _do_open
fo, hdr = self._make_request(req, opener)
File "/usr/lib/python2.4/site-packages/urlgrabber/grabber.py", line 1202, in _make_request
fo = opener.open(req)
File "/usr/lib64/python2.4/urllib2.py", line 358, in open
response = self._open(req, data)
File "/usr/lib64/python2.4/urllib2.py", line 376, in _open
'_open', req)
File "/usr/lib64/python2.4/urllib2.py", line 337, in _call_chain
result = func(*args)
File "/usr/lib64/python2.4/site-packages/M2Crypto/m2urllib2.py", line 82, in https_open
h.request(req.get_method(), req.get_selector(), req.data, headers)
File "/usr/lib64/python2.4/httplib.py", line 810, in request
self._send_request(method, url, body, headers)
File "/usr/lib64/python2.4/httplib.py", line 833, in _send_request
self.endheaders()
File "/usr/lib64/python2.4/site-packages/M2Crypto/httpslib.py", line 149, in endheaders
HTTPSConnection.endheaders(self)
File "/usr/lib64/python2.4/httplib.py", line 804, in endheaders
self._send_output()
File "/usr/lib64/python2.4/httplib.py", line 685, in _send_output
self.send(msg)
File "/usr/lib64/python2.4/httplib.py", line 652, in send
self.connect()
File "/usr/lib64/python2.4/site-packages/M2Crypto/httpslib.py", line 165, in connect
self._start_ssl()
File "/usr/lib64/python2.4/site-packages/M2Crypto/httpslib.py", line 183, in _start_ssl
self.sock.connect_ssl()
File "/usr/lib64/python2.4/site-packages/M2Crypto/SSL/Connection.py", line 167, in connect_ssl
return m2.ssl_connect(self.ssl, self._timeout)
M2Crypto.SSL.SSLError: unexpected eof
- RHEL6 システムのエラーを以下に示します。
root@rhel6:~# yum list
Loaded plugins: downloadonly, product-id, subscription-manager
Updating certificate-based repositories.
rhel-6-server-rpms | 3.7 kB 00:00
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/os/repodata/4191f49633d7d23b6703b7473ef3a8df8dbfc42b-primary.sqlite.bz2:[Errno 14] problem making ssl connection
Trying other mirror.
https://cdn.redhat.com/content/dist/rhel/server/6/6Server/x86_64/os/repodata/4191f49633d7d23b6703b7473ef3a8df8dbfc42b-primary.sqlite.bz2:[Errno 14] problem making ssl connection
Trying other mirror.
Error: failure: repodata/4191f49633d7d23b6703b7473ef3a8df8dbfc42b-primary.sqlite.bz2 from rhel-6-server-rpms:[Errno 256] No more mirrors to try.
- HTTP プロキシから RHN Classic CDN へのアクセスには問題はありませんが、プロキシを使用しないと失敗します。
- この問題はプロキシそのものでも発生します。証明書ベースの CDN にはアクセスできず、同じ問題が発生します。
Environment
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 6
- 証明書ベースの CDN
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Close
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.