I just started a Standard RedHat 7 VM on Azure.
I login and type:
sudo yum update
and get:
Loaded plugins: langpacks, product-id, search-disabled-repos
https://rhui-3.microsoft.com/pulp/repos//content/dist/rhel/rhui/server/7/7Server/x86_64/dotnet/1/debug/repodata/repomd.xml:
[Errno 14] curl#58 - "SSL peer rejected your certificate as expired."
Trying other mirror.
https://rhui-1.microsoft.com/pulp/repos//content/dist/rhel/rhui/server/7/7Server/x86_64/dotnet/1/debug/repodata/repomd.xml:
[Errno 14] curl#58 - "SSL peer rejected your certificate as expired."
Trying other mirror.
...
I thought that the PAYG license include updates? Or is the current image broken? Tried the 7.4 image too?
From MSDN, you can run this command to update the RHUI client certificate on the Azure RedHat VM:
sudo yum update -y --disablerepo='*' --enablerepo='*microsoft*'
And now you should be able to download/update packages packages without the SSL peer rejected your certificate as expired
error.
Tested this on Azure RedHat Enterprise Linux 7.3 and it works fine for me.
I ran into this issue previously and the workaround provided by Azure support was to run the following commands:
wget https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel7/rhui-azure-rhel7-2.2-74.noarch.rpm
sudo rpm -U rhui-azure-rhel7-2.2-74.noarch.rpm
sudo yum clean all
sudo yum repolist
I also faced same issue yesterday. I referred to following links on Redhat Support Portal.
Though my problem didn't got resolved from the above post after following instructions as it is, after taking cue from the problem description, following worked for me. In my case, older version of "rhui-azure-rhel7" RPM was installed on VM I had setup few weeks back where I was facing same issue as yours.
curl -o azureclient.rpm https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel7/rhui-azure-rhel7-2.2-74.noarch.rpm
rpm -U azureclient.rpm
Hope this helps.
You need to update the RHUI certificate using the Microsoft-provided RPM.
RHEL 6:
$ curl -o azureclient.rpm https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel6/Packages/r/rhui-azure-rhel6-2.2-97.noarch.rpm
$ sudo rpm -U azureclient.rpm
$ sudo yum clean all
$ sudo yum repolist all
RHEL 7:
$ curl -o azureclient.rpm https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel7/Packages/r/rhui-azure-rhel7-2.2-97.noarch.rpm
$ sudo rpm -U azureclient.rpm
$ sudo yum clean all
$ sudo yum repolist all
Root Cause: The certificate for the RHUI client is no longer valid and needs to be updated.
If you can't download rhui-azure-rhel7-2.2-74.noarch.rpm using wget, you can use a manual update procedure. Worked for me.
This one:
https://learn.microsoft.com/en-us/azure/virtual-machines/linux/update-infrastructure-redhat#manual-update-procedure-to-use-the-azure-rhui-servers
Shortly, it is:
# Download key
curl -o RPM-GPG-KEY-microsoft-azure-release https://download.microsoft.com/download/9/D/9/9d945f05-541d-494f-9977-289b3ce8e774/microsoft-sign-public.asc
# Validate it
# keyid must be EB3E94ADBE1229CF
# user ID must be "Microsoft (Release signing) <[email protected]>"
gpg --list-packets --verbose < RPM-GPG-KEY-microsoft-azure-release
# Install it
sudo install -o root -g root -m 644 RPM-GPG-KEY-microsoft-azure-release /etc/pki/rpm-gpg
sudo rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-microsoft-azure-release
Then you will be able to download and install rpm of Azure client (if needed)
# RHEL 6
curl -o azureclient.rpm https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel6/Packages/r/rhui-azure-rhel6-2.2-74.noarch.rpm
# RHEL 7
curl -o azureclient.rpm https://rhui-1.microsoft.com/pulp/repos/microsoft-azure-rhel7/Packages/r/rhui-azure-rhel7-2.2-74.noarch.rpm
# Install
sudo rpm -U azureclient.rpm
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With