Using puppet 6.28 on Redhat 8 within AWS, using the latest version of this module.
When using DNF to install or update packages, we get the following error:
- Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://rhui2-cds01.eu-west-1.aws.ce.redhat.com/pulp/mirror/content/dist/rhel/rhui/server/8/8/x86_64/rh-common/os [SSL certificate problem: certificate has expired]
Error: Failed to download metadata for repo 'rhui-REGION-rhel-server-rh-common': Cannot prepare internal mirrorlist: Curl error (60): Peer certificate cannot be authenticated with given CA certificates for https://rhui2-cds01.eu-west-1.aws.ce.redhat.com/pulp/mirror/content/dist/rhel/rhui/server/8/8/x86_64/rh-common/os [SSL certificate problem: certificate has expired]
This is being caused by the server listed in https://github.com/voxpupuli/puppet-yum/blob/master/data/os/RedHat/RedHat.yaml#L25 having an expired certificate.
Redhat have updated the server list (when not using the module), Redhat have change the Mirror list to
mirrorlist=https://rhui.REGION.aws.ce.redhat.com/pulp/mirror/content/dist/rhel8/rhui/$releasever/$basearch/baseos/os
This new server does not have the certificate issue.
It seems like the module needs to update the details in
https://github.com/voxpupuli/puppet-yum/blob/master/data/os/RedHat/RedHat.yaml
How to reproduce (e.g Puppet code you use)
manage_os_default_repos => true,
require => File['/etc/yum.repos.d'],
managed_repos => $_managed_repos,
repos => $_repos,
config_options => {
gpgcheck => true,
assumeyes => {
ensure => 'absent',
},
debuglevel => {
ensure => absent,
},
installonly_limit => 3,
skip_if_unavailable => 'True',
clean_requirements_on_remove => 'True',
best => 'True',
},
notify => Exec['clear yum cache'],
loglevel => 'warning',
}
Run dnf install make
What are you seeing
SSL certificate problem: certificate has expired
What behaviour did you expect instead
No error
Output log
N/A
Any additional information you'd like to impart
Using puppet 6.28 on Redhat 8 within AWS, using the latest version of this module.
When using DNF to install or update packages, we get the following error:
This is being caused by the server listed in https://github.com/voxpupuli/puppet-yum/blob/master/data/os/RedHat/RedHat.yaml#L25 having an expired certificate.
Redhat have updated the server list (when not using the module), Redhat have change the Mirror list to
mirrorlist=https://rhui.REGION.aws.ce.redhat.com/pulp/mirror/content/dist/rhel8/rhui/$releasever/$basearch/baseos/osThis new server does not have the certificate issue.
It seems like the module needs to update the details in
https://github.com/voxpupuli/puppet-yum/blob/master/data/os/RedHat/RedHat.yaml
How to reproduce (e.g Puppet code you use)
Run
dnf install makeWhat are you seeing
SSL certificate problem: certificate has expired
What behaviour did you expect instead
No error
Output log
N/A
Any additional information you'd like to impart