rhnpush fails with "ERROR: unhandled exception occurred: ([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')])."

Solution Verified - Updated -

Issue

  • Implemented a third party SSL certificate/key but unable to push RPM packages to repositories/channels.
rhnpush -c channel-x86_64-6 -u admin -p admin rhn-org-trusted-ssl-cert-1.0-2.noarch.rpm 

ERROR: unhandled exception occurred: ([('SSL routines', 'SSL3_GET_SERVER_CERTIFICATE', 'certificate verify failed')]).
  • This is the procedure I used to regenerate certificates:
cd /root
rm -rf ssl-build
rhn-ssl-tool --gen-ca --rpm-only
cp ~/example.key ./ssl-build/prod-sat01/server.key
cp ~/example.crt ./ssl-build/prod-sat01/server.crt 
cp ~/example.crt ./ssl-build/RHN-ORG-TRUSTED-SSL-CERT
cp ~/cert-example-bundle.crt ./ssl-build/prod-sat01/server.csr
rhn-ssl-tool --gen-server --rpm-only
rhn-ssl-tool --gen-ca  --rpm-only
rpm -Uvh rhn-org-trusted-ssl-cert-1.0-2.noarch
rpm -Uvh /root/ssl-build/prod-sat01/rhn-org-httpd-ssl-key-pair-prod-sat01-1.0-2.noarch.rpm

Now OSAD is broken and I can't get RPMs to push to the server.

The HTTPS web site is fine, however and I can get in to the web GUI w/ no errors. ie: My browser accepts the 3rd party signed certificate.

Environment

Red Hat Satellite or Proxy 5.6

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content