Registering a RHEL system via RHSM through a firewall or proxy fails with 'Unable to verify server's identity: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)' error
Issue
Registering a RHEL system via RHSM through a firewall or proxy fails with the following error:
Unable to verify server's identity: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
The following backtrace is logged in /var/log/rhsm/rhsm.log:
2021-12-23 16:48:22,591 [ERROR] dnf:1905:MainThread @repolib.py:358 - [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
Traceback (most recent call last):
File "/usr/lib64/python3.6/site-packages/subscription_manager/repolib.py", line 355, in __init__
self.override_supported = 'content_overrides' in get_supported_resources(uep=None, identity=self.identity)
File "/usr/lib64/python3.6/site-packages/subscription_manager/utils.py", line 245, in get_supported_resources
return cache.read_data(uep, identity)
File "/usr/lib64/python3.6/site-packages/subscription_manager/cache.py", line 906, in read_data
current_data = self._sync_with_server(uep=uep, consumer_uuid=identity.uuid)
File "/usr/lib64/python3.6/site-packages/subscription_manager/cache.py", line 1014, in _sync_with_server
return uep.get_supported_resources()
File "/usr/lib64/python3.6/site-packages/rhsm/connection.py", line 990, in get_supported_resources
self._load_supported_resources()
File "/usr/lib64/python3.6/site-packages/rhsm/connection.py", line 978, in _load_supported_resources
resources_list = self.conn.request_get("/")
File "/usr/lib64/python3.6/site-packages/rhsm/connection.py", line 906, in request_get
return self._request("GET", method, headers=headers, cert_key_pairs=cert_key_pairs)
File "/usr/lib64/python3.6/site-packages/rhsm/connection.py", line 932, in _request
info=info, headers=headers, cert_key_pairs=cert_key_pairs)
File "/usr/lib64/python3.6/site-packages/rhsm/connection.py", line 728, in _request
conn.request(request_type, handler, body=body, headers=final_headers)
File "/usr/lib64/python3.6/http/client.py", line 1269, in request
self._send_request(method, url, body, headers, encode_chunked)
File "/usr/lib64/python3.6/http/client.py", line 1315, in _send_request
self.endheaders(body, encode_chunked=encode_chunked)
File "/usr/lib64/python3.6/http/client.py", line 1264, in endheaders
self._send_output(message_body, encode_chunked=encode_chunked)
File "/usr/lib64/python3.6/http/client.py", line 1040, in _send_output
self.send(msg)
File "/usr/lib64/python3.6/http/client.py", line 978, in send
self.connect()
File "/usr/lib64/python3.6/http/client.py", line 1437, in connect
server_hostname=server_hostname)
File "/usr/lib64/python3.6/ssl.py", line 365, in wrap_socket
_context=self, _session=session)
File "/usr/lib64/python3.6/ssl.py", line 776, in __init__
self.do_handshake()
File "/usr/lib64/python3.6/ssl.py", line 1036, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib64/python3.6/ssl.py", line 648, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)
Environment
- Red Hat Enterprise Linux
- Red Hat Subscription Management (RHSM)
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.