Registration to RHSM fails with 'certificate is not yet valid'

Environment

RHEL8

Issue

Registration to RHSM fails with 'certificate is not yet valid'

Resolution

Run timedatectl command to make sure the system time is correct

# timedatectl

Root Cause

System time is out of sync

Diagnostic Steps

[rhel_host]# curl -v https://subscription.rhsm.redhat.com --cacert /etc/rhsm/ca/redhat-uep.pem  
 ... omit
 * TLSv1.2 (OUT), TLS alert, bad certificate (554):
 * SSL certificate problem: certificate is not yet valid
 * Closing connection 0
 curl: (60) SSL certificate problem: certificate is not yet valid

 [rhel_host]# openssl s_client -connect subscription.rhsm.redhat.com:443 -CAfile /etc/rhsm/ca/redhat-uep.pem
 ...omit
 SSL handshake has read 5162 bytes and written 431 bytes
 Verification error: certificate is not yet valid
 ...omit

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

Select Your Language

Registration to RHSM fails with 'certificate is not yet valid'

Environment

Issue

Resolution

Root Cause

Diagnostic Steps

Comments

Quick Links

Help

Site Info

Related Sites

About

Red Hat legal and privacy links

Red Hat legal and privacy links

Environment

Issue

Resolution

Root Cause

Diagnostic Steps

Comments

Quick Links

Help

Site Info

Related Sites

Systems Status

About

Red Hat legal and privacy links

Red Hat legal and privacy links