Oh, that error you're seeing is because your system(s) don't recognize the SSL cert generated by Spacewalk. In your bootstrap script, is the RHN-ORG-TRUSTED-CERT (or something like that) being pushed correctly to the clients? Otherwise they won't recognize the SSL cert being presented by your Spacewalk master.
Try openssl s_client -connect spacewalkfqdn:443 -showcerts to see what the verify result is. On Thu, Mar 31, 2016 at 2:08 PM Konstantin Raskoshnyi <[email protected]> wrote: > The problem is - my servers don't have internet access. I set up epel > repo sync on spacewalk...For example epel > > [epel] > name=Extra Packages for Enterprise Linux 6 - $basearch > baseurl=https://spacewalk/repos/epel6/x86_64/ > #mirrorlist= > https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch > failovermethod=priority > enabled=1 > gpgcheck=0 > > When I try to install yum install rhn-client-tools rhn-check rhn-setup > rhnsd m2crypto yum-rhn-plugin > > It shows me https://spacewalk/repos/epel6/x86_64/repodata/repomd.xml: > [Errno 14] Peer cert cannot be verified or peer cert invalid > > So strange > > On Wed, Mar 30, 2016 at 6:04 PM, Matt Moldvan <[email protected]> wrote: > >> I had a similar issue for systems that had old versions of nss, they >> couldn't deal with an HTTPS repo for some reason. Is your >> /etc/sysconfig/rhn/up2date pointing to https://something by chance? If >> so try changing it to http, updating yum and nss fully, then changing it >> back to https. >> >> One liner: sudo sed -i 's/serverURL=https:/serverURL=http:/g' >> /etc/sysconfig/rhn/up2date; sudo yum update yum* nss* ; sudo sed -i >> 's/serverURL=http:/serverURL=https:/g' /etc/sysconfig/rhn/up2date >> >> On Wed, Mar 30, 2016 at 6:47 PM Konstantin Raskoshnyi <[email protected]> >> wrote: >> >>> Deployed a new machine, it didn't have internet access, added manually >>> epel repo & spacewalk repo and installed client, registered on the >>> spacewalk. >>> >>> The system shows this error, when I try to do anything: >>> >>> Cannot retrieve repository metadata (repomd.xml) for repository: >>> epel_sci_6. Please verify its path and try again >>> >>> If I remove software channels from this machine it shows the same error >>> but with the parent channel. >>> >>> Any solutions? >>> _______________________________________________ >>> Spacewalk-list mailing list >>> [email protected] >>> https://www.redhat.com/mailman/listinfo/spacewalk-list >> >> >> _______________________________________________ >> Spacewalk-list mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/spacewalk-list >> > > _______________________________________________ > Spacewalk-list mailing list > [email protected] > https://www.redhat.com/mailman/listinfo/spacewalk-list
_______________________________________________ Spacewalk-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/spacewalk-list
