I recently installed dnf but it seems to have stopped working for some reason. Initially I ran 'dnf update --allowerasing' and it completed ok. When I try to install anything new I am getting a certificate error:
# dnf install wgetLast metadata expiration check: 4:37:30 ago on Thu Jun 16 09:58:51 MDT 2022.Dependencies resolved.===========================================================================================================================Package Architecture Version Repository Size===========================================================================================================================Installing:wget ppc 1.21.2-1 AIX_Toolbox 705 kTransaction Summary===========================================================================================================================Install 1 PackageTotal download size: 705 kInstalled size: 705 kIs this ok [y/N]: yDownloading Packages:[MIRROR] wget-1.21.2-1.aix6.1.ppc.rpm: Curl error (60): SSL peer certificate or SSH remote key was not OK for anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm [SSL certificate problem: self signed certificate in certificate chain][MIRROR] wget-1.21.2-1.aix6.1.ppc.rpm: Curl error (60): SSL peer certificate or SSH remote key was not OK for anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm [SSL certificate problem: self signed certificate in certificate chain][MIRROR] wget-1.21.2-1.aix6.1.ppc.rpm: Curl error (60): SSL peer certificate or SSH remote key was not OK for anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm [SSL certificate problem: self signed certificate in certificate chain][MIRROR] wget-1.21.2-1.aix6.1.ppc.rpm: Curl error (60): SSL peer certificate or SSH remote key was not OK for anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm">https://anonymous:anonymous@public.dhe.ibm.com/aix/freeSoftware/aixtoolbox/RPMS/ppc/wget/wget-1.21.2-1.aix6.1.ppc.rpm [SSL certificate problem: self signed certificate in certificate chain][FAILED] wget-1.21.2-1.aix6.1.ppc.rpm: No more mirrors to try - All mirrors were already tried without successError: Error downloading packages:Cannot download wget/wget-1.21.2-1.aix6.1.ppc.rpm: All mirrors were triedI tried to re-install the ca-certs:
# rpm --reinstall ca-certificates-2021.2.52-1.aix6.1.ppc.rpmDoing /var/ssl/certsDoing /var/ssl/64/certsDoing /var/ssl/certs# oslevel -s
7200-05-03-2148
root@bison13 [/IPW/installs/aix_rpms]
# dnf --version
4.2.17
Installed: dnf-0:4.2.17-32_50.ppc at Thu Jun 16 17:55:21 MST 2022
Built : IBM AIX Toolbox <https://ibm.biz/AIXToolbox> at Thu Apr 21 10:10:15 MST 2022
# rpm -qi curl
Name : curl
Version : 7.79.1
Release : 1
Architecture: ppc
Install Date: Thu Jun 16 11:55:11 MDT 2022
Group : Applications/Internet
Size : 4567917
License : MIT/X derivate
Signature : (none)
Source RPM : curl-7.79.1-1.src.rpm
Build Date : Wed Oct 6 07:48:02 MDT 2021
Build Host : pokndd5.pok.stglabs.ibm.com
Relocations : /opt/freeware
Packager : IBM AIX Toolbox <https://ibm.biz/AIXToolbox>
URL :
http://curl.haxx.se/Bug URL :
https://ibm.biz/aixoss_forumSummary : get a file from a FTP or HTTP server.
Description :
curl is a client to get documents/files from servers, using any of the
supported protocols. The command is designed to work without user
interaction or any kind of interactivity.
curl offers many useful tricks like proxy support, user authentication,
ftp upload, HTTP post, file transfer resume and more.
Note: this version is compiled with SSL support.
# lslpp -l | grep ssl
openssl.base 1.1.2.1200 COMMITTED Open Secure Socket Layer
openssl.base 1.1.2.1200 COMMITTED Open Secure Socket Layer
Thanks
------------------------------
Adam Swartz
------------------------------