Why does kickstart with liveimg as source FAILS when using HTTPS and --noverifyssl flag ?

Solution Verified - Updated -

Issue

  • When using kickstart with liveimg command to provide a source image hosted over HTTPS URL using self signed certificates, it fails to download the image with error SSL: CERTIFICATE_VERIFY_FAILED even when using the --noverifyssl flag

    HTTPSConnectionPool(host='HTTPServer.example.com', port=443): Max retries exceeded with url: /liveimg-tests/image-root.tar.xz (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:897)'),))

  • When use the source URL over HTTP , the installation works but same fails over HTTPS

    WORKS
liveimg --url http://HTTPServer.example.com/liveimg-tests/image-root.tar.xz --noverifyssl    

FAILS
liveimg --url https://HTTPServer.example.com/liveimg-tests/image-root.tar.xz --noverifyssl

  • The kickstart documentation states that --noverifyssl should disable SSL verification when connecting to an HTTPS URL, but it still receives this error.

Environment

  • Red Hat Enterprise Linux 8
  • Red Hat Enterprise Linux 9

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content