Hello, I'm trying to run genimage with rhels8.5.0 and I've added some https
repos to pkgdir image definition:
[root@headnode repos]# lsdef -t osimage rhels8.5.0-x86_64-netboot-compute
Object name: rhels8.5.0-x86_64-netboot-compute
exlist=/opt/xcat/share/xcat/netboot/rh/compute.rhels8.x86_64.exlist
imagetype=linux
osarch=x86_64
osdistroname=rhels8.5.0-x86_64
osname=Linux
osvers=rhels8.5.0
otherpkgdir=/install/post/otherpkgs/rhels8.5.0/x86_64
otherpkglist=/install/custom/netboot/compute.otherpkglist
permission=755
pkgdir=/install/rhels8.5.0/x86_64,https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os,https://cdn.redhat.com/content/dist/rhel8/8/x86_64/appstream/os,https://cdn.redhat.com/content/dist/rhel8/8/x86_64/codeready-builder/os,https://download.fedoraproject.org/pub/epel/8/Everything/x86_64,https://download.fedoraproject.org/pub/epel/8/Modular/x86_64,http://repos.openhpc.community/OpenHPC/2/CentOS_8,http://repos.openhpc.community/OpenHPC/2/updates/CentOS_8
pkglist=/opt/xcat/share/xcat/netboot/rh/compute.rhels8.x86_64.pkglist
postinstall=/opt/xcat/share/xcat/netboot/rh/compute.rhels8.x86_64.postinstall,/install/custom/netboot/compute.postinstall
profile=compute
provmethod=netboot
rootimgdir=/install/netboot/rhels8.5.0/x86_64/compute
synclists=/install/custom/netboot/compute.synclists
But when I issue genimage there's some issues with curl. It seems something is
broken with the certificate chain:
Errors during downloading metadata for repository 'rhels8.5.0-x86_64-2':
- Curl error (60): Peer certificate cannot be authenticated with given CA cert
ificates for https://cdn.redhat.com/content/dist/rhel8/8/x86_64/baseos/os/repoda
ta/repomd.xml [SSL certificate problem: self signed certificate in certificate
chain]
Error: Failed to download metadata for repo 'rhels8.5.0-x86_64-2': Cannot
download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
rhels8.5.0-x86_64-3 0.0 B/s | 0 B 00:00
Errors during downloading metadata for repository 'rhels8.5.0-x86_64-3':
- Curl error (60): Peer certificate cannot be authenticated with given CA
certificates for
https://cdn.redhat.com/content/dist/rhel8/8/x86_64/appstream/os/repodata/repomd.xml
[SSL certificate problem: self signed certificate in certificate chain]
Error: Failed to download metadata for repo 'rhels8.5.0-x86_64-3': Cannot
download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
rhels8.5.0-x86_64-4 0.0 B/s | 0 B 00:00
Errors during downloading metadata for repository 'rhels8.5.0-x86_64-4':
- Curl error (60): Peer certificate cannot be authenticated with given CA
certificates for
https://cdn.redhat.com/content/dist/rhel8/8/x86_64/codeready-builder/os/repodata/repomd.xml
[SSL certificate problem: self signed certificate in certificate chain]
Error: Failed to download metadata for repo 'rhels8.5.0-x86_64-4': Cannot
download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
rhels8.5.0-x86_64-5 7.5 MB/s | 11 MB 00:01
rhels8.5.0-x86_64-6 1.1 MB/s | 979 kB 00:00
rhels8.5.0-x86_64-7 1.7 MB/s | 3.1 MB 00:01
rhels8.5.0-x86_64-8 1.5 MB/s | 2.6 MB 00:01
otherpkgs1 0.0 B/s | 0 B 00:00
Errors during downloading metadata for repository 'otherpkgs1':
- Curl error (37): Couldn't read a file:// file for
file:///install/post/otherpkgs/rhels8.5.0/x86_64/repodata/repomd.xml [Couldn't
open file /install/post/otherpkgs/rhels8.5.0/x86_64/repodata/repomd.xml]
Error: Failed to download metadata for repo 'otherpkgs1': Cannot download
repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
Is there any fix to this curl certificate chain errors?
Thank you.
_______________________________________________
xCAT-user mailing list
xCAT-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/xcat-user
