rhnpush on Red Hat Network Satellite fails with "ERROR: unhandled exception occurred: ([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')])"

Solution Verified - Updated -

Environment

  • Red Hat Network Satellite
  • rhnpush

Issue

  • When trying to push packages from Red Hat Network Satellite,'rhnpush' is failing with following error message:
[root@MySatellite]# rhnpush -c Custom-Channel-1  Mycustom.i686.rpm

ERROR: unhandled exception occurred: ([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')]).

Resolution

  • Move the existing RHN-ORG-TRUSTED-SSL-CERT cert file from /usr/share/rhn/ to any other location.
  • Now add a fresh copy of the same certificate file frm /root/ssl-build/ directory to /usr/share/rhn/ and then try to again push packages to the satellite server.
  • Make sure the CommonName on the /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT is pointing to the expected server.
   # grep CN= /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

Root Cause

  • rhnpush uses RHN-ORG-TRUSTED-SSL-CERT file available under /usr/share/rhn/ which was found to be corrupted replacing the same with a new one resolved this issue.

Diagnostic Steps

  • check the md5sum of RHN-ORG-TRUSTED-SSL-CERT file available under /usr/share/rhn/ with the one available under /root/ssl-build/ directory.

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Comments