Redhat yum update /usr/share/rhn/RHNS-CA-CERT is expired.

On a RHEL 6 server connected to a satellite when doing a yum update I got :-

yum update

Loaded plugins: product-id, rhnplugin, search-disabled-repos, security

The certificate /usr/share/rhn/RHNS-CA-CERT is expired. Please ensure you have the correct certificate and your system time is correct.

so

cat /usr/share/rhn/RHNS-CA-CERT
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 0 (0x0)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, CN=RHN Certificate Authority/emailAddress=rhn-noc@redhat.com
Validity
Not Before: Aug 29 02:10:55 2003 GMT
Not After : Aug 26 02:10:55 2013 GMT
Subject: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, CN=RHN Certificate Authority/emailAddress=rhn-noc@redhat.com

Diagnostics

Check /etc/sysconfig/rhn/up2date

It had

sslCACert[comment]=The CA cert used to verify the ssl server
sslCACert=/usr/share/rhn/RHNS-CA-CERT

But on another RHEL 6 server using the same satellite it had

sslCACert[comment]=The CA cert used to verify the ssl server
sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

The fix

I copied over /usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT  from the working machine and changed /etc/sysconfig/rhn/up2date :-

sslCACert[comment]=The CA cert used to verify the ssl server
sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT

 

Now  yum update worked.

Leave a Reply

Your email address will not be published. Required fields are marked *