Yum update fails with 'Error: Cannot retrieve repository metadata (repomd.xml) for repository'

Solution Verified - Updated -

Environment

  • Red Hat Enterprise Linux 6
  • Red Hat Network Satellite or Proxy 5.4 or later

Issue

  • Yum update fails with :
Error: Cannot retrieve repository metadata (repomd.xml) for repository: XXXX. Please verify its path and try again

Resolution

  • Verify that the Satellite or Proxy server has a fully-qualified domain name (FQDN), and that the CommonName (CN) in the SSL certificate used by Apache is set to the FQDN:

    • For a self-signed Satellite certificate, the CN field should be FQDN for Issuer and Subject and these two fields should be matching,

      # grep CN /etc/httpd/conf/ssl.crt/server.crt
      Issuer: C=US, ST=North Carolina, O=Example Corp. Inc., OU=unit, CN=satellite.example.com
      Subject: C=US, ST=North Carolina, O=Example Corp. Inc., OU=unit, CN=satellite.example.com/emailAddress=admin@example.com
      
    • For a third-party SSL certificate, the CN field should be FQDN in Subject,

      Subject: C=US, ST=North Carolina, O=Example Corp. Inc., OU=unit, CN=satellite.example.com/emailAddress=admin@example.com
      
  • Also verify that the ssl.conf configuration file is pointing to the correct files:

    # grep ^SSLCert /etc/httpd/conf.d/ssl.conf
    SSLCertificateFile /etc/httpd/conf/ssl.crt/server.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.key
    
  • Ensure that serverURL in the client system's /etc/sysconfig/rhn/up2date file uses the FQDN of the Satellite or Proxy server, e.g.:

    serverURL=https://satellite.example.com/XMLRPC
    
  • If the system connects to RHN via an http proxy, ensure that /etc/sysconfig/rhn/up2date is configured with the correct http_proxy information:

    httpProxy=http_proxy_fqdn or ip_address:port
    
  • If there is a duplicate file of /etc/sysconfig/rhn/up2date, remove it from /etc/sysconfig/rhn/

  • Ensure latest version of yum is installed:

# yum update yum
  • If all above settings are correct then clean the cache on client system using below command,

    # rm -rf /var/cache/yum/*
    

Root Cause

  • Inconsistent SSL configuration
  • Incorrect entries for http proxy and port number
  • Component
  • yum

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.

7 Comments

# rm -rf /var/cache/yum/* solved this issue

In our case, same issue was being caused by HTTP_PROXY and HTTPS_PROXY being set in the environment variable (set by the SOE).
This caused yum to go to the organisation's HTTP proxy instead of to the Satellite server.
Unsetting it (or using noproxy to put satellite on the exclusion list) resolved the issue.

For us, a new FQDN was configured for the RHN Satellite Server, but the SSL cert was unchanged (contained CN for old FQDN).

We keep getting this error.
How do I set a static repository?
What URL?

If you are still getting an error I would suggest opening a support case at https://access.redhat.com/support/cases/new/ . In the meantime I'll try to get an answer over here as well. Thank you for your patience.

Updating yum* and nss* ended up fixing our issue:

Previous versions
nss-softokn-3.12.9-3.el6.x86_64
nss-sysinit-3.13.6-2.el6_3.x86_64
nss-softokn-freebl-3.12.9-3.el6.x86_64
nss-3.13.6-2.el6_3.x86_64
nss-tools-3.13.6-2.el6_3.x86_64
nss-util-3.13.6-1.el6_3.x86_64
nss-pam-ldapd-0.7.5-18.1.el6_4.x86_64

Quick fix:
[me@work]$ sudo sed -i 's/serverURL=https:/serverURL=http:/g' /etc/sysconfig/rhn/up2date; sudo yum update yum* nss* ; sudo sed -i 's/serverURL=http:/serverURL=https:/g' /etc/sysconfig/rhn/up2date

None of this worked.

$ rm -rf /var/cache/yum/*

$ yum update yum Loaded plugins: product-id, security, subscription-manager Setting up Update Process rhel-6-server-eus-rpms | 3.5 kB 00:00 rhel-6-server-eus-rpms/primary_db | 48 MB 00:04 rhel-6-server-rpms | 3.5 kB 00:00 rhel-6-server-rpms/primary_db | 51 MB 00:06 rhel-server-dts-6-rpms | 4.0 kB 00:00 rhel-server-dts-6-rpms/primary_db | 45 kB 00:00 rhel-server-dts2-6-rpms | 3.2 kB 00:00 rhel-server-dts2-6-rpms/primary_db | 166 kB 00:00 https://cdn.redhat.com/content/eus/rhel/server/6/6Server/x86_64/sjis/debug/repodata/repomd.xml: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found" Trying other mirror. Error: Cannot retrieve repository metadata (repomd.xml) for repository: rhel-sjis-for-rhel-6-server-eus-debug-rpms. Please verify its path and try again