Red Hat Enterprise Linux server update via yum/dnf is failing with error `SSL certificate problem: CA certificate key too weak`

Solution Verified - Updated -

Issue

  • While trying to update a Red Hat Enterprise Linux server using Red Hat Satellite Server is failing with below mentioned error message.

    Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://satellite.example.com/pulp/repos/Default_Organization/Library/content/dist/layered/rhel8/x86_64/sat-tools/6.7/os/repodata/repomd.xml [SSL certificate problem: EE certificate key too weak]

  • Not able to install packages due to SSL certificate problem.

  • SSL certificate problem when installing any package:

    # yum install telnet
Updating Subscription Management repositories.
RHEL 8                                                                                                                                                                         0.0  B/s |   0  B     00:00    
Errors during downloading metadata for repository 'TEST_repo-rhel-8-RHEL_8':
  - Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://test.example.com/pulp/content/TEST/production-rhel-8/cv-rhel-8/custom/repo-rhel-8/RHEL_8_TEST/repodata/repomd.xml [SSL certificate problem: CA certificate key too weak]
Error: Failed to download metadata for repo 'TEST_repo-rhel-8-RHEL_8': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried

Environment

  • Red Hat Enterprise Linux 8
  • Any of the following as the source of the packages:
    • Red Hat Satellite 6.x
    • The Red Hat CDN
    • Online third party repository

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content