Open Source Development

Power Open Source Development

Explore the open source tools and capabilities for building and deploying modern applications on IBM Power platforms including AIX, IBM i, and Linux.


#Power


#Power

 View Only

  • 1.  yum update getting TLS connect error on the AIX servers

    Posted Fri April 11, 2025 11:06 AM

    Hi,

    We use yum update to update all the Linux toolbox packages on AIX7.2.

    This has been working perfectly until yesterday, and all our servers are displaying the following error, when I run "yum update"

    # yum update
    https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#35 - "TLS connect error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"
    Trying other mirror.
    Error: Cannot retrieve repository metadata (repomd.xml) for repository: AIX_Toolbox. Please verify its path and try again
    yum repolist gives similar error:
    # yum repolist
    https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#35 - "TLS connect error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"
    Trying other mirror.
    repo id repo name statusAIX_Toolbox AIX generic repository 0
    AIX_Toolbox_72 AIX 7.2 specific repository 0
    AIX_Toolbox_noarch AIX noarch repository 0
    repolist: 0
    I have verified our firewall access to the above URL with wget and curl and everything looks good. It almost seems like the cert that is used by yum update/curl has expired, but I don't know which cert file it uses and where to get it from if it expired. 
    Does anyone know, what I am missing here?  All our AIX servers use the same yum.conf file. 
    Thank you!



    ------------------------------
    Prakash Gollapalli
    ------------------------------

    #AIXOpenSource


  • 2.  RE: yum update getting TLS connect error on the AIX servers

    Posted Mon April 14, 2025 12:52 AM

    Hi Prakash

    Have you verified with "openssl s_client -connect public.dhe.ibm.com:443" command ?

    Can you send me the output of above command ?



    ------------------------------
    SANGAMESH
    ------------------------------

    Original Message


  • 3.  RE: yum update getting TLS connect error on the AIX servers

    Posted Thu April 24, 2025 05:33 AM

    Hi,

    I am having the same issue:

    Loaded plugins: downloadonly
    anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml:">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#35 - "TLS connect error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"
    Trying other mirror.
    Error: Cannot retrieve repository metadata (repomd.xml) for repository: AIX_Toolbox. Please verify its path and try again

    When I try the openssl command that you provided, I get the following error:

    openssl s_client -connect public.dhe.ibm.com:443
    00000001:error:10080002:BIO routines:(unknown function):system lib:crypto/bio/bio_addr.c:738:Hostname and service name not provided or found
    connect:errno=0

    Thanks and best regards

    Adrian



    ------------------------------
    Adrian Juergensen
    ------------------------------

    Original Message


  • 4.  RE: yum update getting TLS connect error on the AIX servers

    Posted Fri April 25, 2025 09:21 AM

    Please check this post https://community.ibm.com/community/user/power/discussion/dnf-installation-2



    ------------------------------
    SANGAMESH
    ------------------------------

    Original Message


  • 5.  RE: yum update getting TLS connect error on the AIX servers

    Posted Mon April 28, 2025 11:04 AM

    Hi Sangamesh,

    thanks for your reply. In my case, it was not a connectivity issue.

    After Prakash said that the migration to DNF fixed his problem, i tried that and it worked like a charm.

    Thank you both for your time and assistance!

    Best regards

    Adrian



    ------------------------------
    Adrian Juergensen
    ------------------------------

    Original Message


  • 6.  RE: yum update getting TLS connect error on the AIX servers

    Posted Fri April 25, 2025 09:35 AM

    Hi Sangamesh,

    Thanks for your reply. Sorry, I haven't checked this forum for some time.

    I have migrated our repos to DNF and everything works fine with dnf update. 

    Here are the steps I followed:

    1.    wget https://public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/ezinstall/ppc/dnf_aixtoolbox.sh
    2.     chmod 755 dnf_aixtoolbox.sh
    3.    ./dnf_aixtoolbox.sh -n  (option for dnf to coexist with yum while migrating existing packages to dnf)
    4.    rpm -e yum-3.4.3-8.noarch (remove existing yum package. Otherwise dnf update will fail with conflict)
    5.    dnf update (works)



    ------------------------------
    Prakash Gollapalli
    ------------------------------

    Original Message


Related Content