Yum commands and registration to Red Hat Satellite or Capsule fail due to SSL-related errors.

Issue

• Registration to Red Hat Satellite or Red Hat Capsule is failing with certificate key usage inadequate for attempted operation.
• Where to look if there is an issue with SSL certificates or connectivity over HTTPS with Red Hat SatelliteorRed Hat Capsule`?
• How to verify and troubleshoot whether the SSL certificate installed on the Client systems are matching with Red Hat satellite or Red Hat Capsule?
• When registering systems to Red Hat Satellite/Capsule using subscription-manager fails with Unable to verify server's identity: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897) .

• After updating custom SSL certificates on the Satellite and the Capsule, subscription-manager fails with the below error.

  Unable to verify server's identity: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:618)
  

• After updating custom SSL certificates on Red Hat Satellite 6, the dnf commands issued from content hosts are encountering the following errors:

  - Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://satellitetest.example.com/pulp/repos/Test/Library/content/dist/rhel8/8/x86_64/appstream/os/repodata/repomd.xml [SSL certificate problem: self signed certificate in certificate chain]
  Error: Failed to download metadata for repo 'rhel-8-for-x86_64-appstream-rpms': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
  

    - Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://capsule.example.com/pulp/content/organization/Library/content/dist/rhel8/8/x86_64/appstream/os/repodata/repomd.xml [SSL certificate problem: unable to get local issuer certificate]