thanks for your reply. In my case, it was not a connectivity issue.
After Prakash said that the migration to DNF fixed his problem, i tried that and it worked like a charm.
Original Message:
Sent: Fri April 25, 2025 09:20 AM
From: SANGAMESH MALLAYYA
Subject: yum update getting TLS connect error on the AIX servers
Please check this post https://community.ibm.com/community/user/power/discussion/dnf-installation-2
------------------------------
SANGAMESH
Original Message:
Sent: Thu April 24, 2025 03:38 AM
From: Adrian Juergensen
Subject: yum update getting TLS connect error on the AIX servers
Hi,
I am having the same issue:
Loaded plugins: downloadonly
anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml:">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#35 - "TLS connect error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"
Trying other mirror.
Error: Cannot retrieve repository metadata (repomd.xml) for repository: AIX_Toolbox. Please verify its path and try again
When I try the openssl command that you provided, I get the following error:
openssl s_client -connect public.dhe.ibm.com:443
00000001:error:10080002:BIO routines:(unknown function):system lib:crypto/bio/bio_addr.c:738:Hostname and service name not provided or found
connect:errno=0
Thanks and best regards
Adrian
------------------------------
Adrian Juergensen
Original Message:
Sent: Mon April 14, 2025 12:51 AM
From: SANGAMESH MALLAYYA
Subject: yum update getting TLS connect error on the AIX servers
Hi Prakash
Have you verified with "openssl s_client -connect public.dhe.ibm.com:443" command ?
Can you send me the output of above command ?
------------------------------
SANGAMESH
Original Message:
Sent: Thu April 10, 2025 04:26 PM
From: Prakash Gollapalli
Subject: yum update getting TLS connect error on the AIX servers
Hi,
We use yum update to update all the Linux toolbox packages on AIX7.2.
This has been working perfectly until yesterday, and all our servers are displaying the following error, when I run "yum update"
# yum updatehttps://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#35 - "TLS connect error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"Trying other mirror.Error: Cannot retrieve repository metadata (repomd.xml) for repository: AIX_Toolbox. Please verify its path and try again
yum repolist gives similar error:
# yum repolisthttps://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/repodata/repomd.xml: [Errno 14] curl#35 - "TLS connect error: error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed"Trying other mirror.repo id repo name statusAIX_Toolbox AIX generic repository 0AIX_Toolbox_72 AIX 7.2 specific repository 0AIX_Toolbox_noarch AIX noarch repository 0repolist: 0
I have verified our firewall access to the above URL with wget and curl and everything looks good. It almost seems like the cert that is used by yum update/curl has expired, but I don't know which cert file it uses and where to get it from if it expired.
Does anyone know, what I am missing here? All our AIX servers use the same yum.conf file.
Thank you!
------------------------------
Prakash Gollapalli
------------------------------