Yum update fails with 'Error: Cannot retrieve repository metadata (repomd.xml) for repository'

Resolution

• Verify that the Satellite or Proxy server has a fully-qualified domain name (FQDN), and that the CommonName (CN) in the SSL certificate used by Apache is set to the FQDN:

  • For a self-signed Satellite certificate, the CN field should be FQDN for Issuer and Subject and these two fields should be matching,

    # grep CN /etc/httpd/conf/ssl.crt/server.crt
    Issuer: C=US, ST=North Carolina, O=Example Corp. Inc., OU=unit, CN=satellite.example.com
    Subject: C=US, ST=North Carolina, O=Example Corp. Inc., OU=unit, CN=satellite.example.com/emailAddress=admin@example.com
    

  • For a third-party SSL certificate, the CN field should be FQDN in Subject,

    Subject: C=US, ST=North Carolina, O=Example Corp. Inc., OU=unit, CN=satellite.example.com/emailAddress=admin@example.com
    

• Also verify that the ssl.conf configuration file is pointing to the correct files:

  # grep ^SSLCert /etc/httpd/conf.d/ssl.conf
  SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
  SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
  

• Ensure that serverURL in the client system's /etc/sysconfig/rhn/up2date file uses the FQDN of the Satellite or Proxy server, e.g.:

  serverURL=https://satellite.example.com/XMLRPC
  

• If the system connects to RHN via an http proxy, ensure that /etc/sysconfig/rhn/up2date is configured with the correct http_proxy information:

  httpProxy=http_proxy_fqdn or ip_address:port
  

• If there is a duplicate file of /etc/sysconfig/rhn/up2date, remove it from /etc/sysconfig/rhn/

• Ensure latest version of yum is installed:

# yum update yum

• If all above settings are correct then clean the cache on client system using below command,

  # rm -rf /var/cache/yum/*