Ssl – Self-signed Cert for yum repository server

centos7redhatrepositorysslyum

Can I use Self-signed Cert for local yum repository server?

The problem is when a client i sdoing a yum update via my repository server, it shows

[Errno 14] curl#60 – "Peer's certificate issuer has been marked as not trusted by the user."

Is there anyway that I can connect to the repository server via HTTPS (port 443) rather than port 80?

Thanks!!!

Best Answer

Importing ca-certificate chain (.crt) - RHEL7

Copy the cert to /etc/pki/ca-trust/source/ and run update-ca-trust extract

If you had an existing PKI to deploy this with like Red Hat Certificate System, use that instead.

Related Solutions

Ssl – How to create and configure a self signed wildcard cert for IIS7.5

You can create a wildcard certificate with the IIS Resource Toolkit (called selfssl.exe) if you need it to last longer than (I think) the 30 days that the built-in certificate generator in IIS Manager gives you (don't recall off the top of my head where that is; believe it's under "Certificates" in the right-side panel). If not, just use the built-in one.

This self-signed wildcard certificate (*.example.com), once created and in the certificate store, can be assigned to all your sites under IIS under the Bindings that are configured with a corresponding host header.

Ubuntu SSL – Using a Self-Signed SSL Certificate for HTTPS-Based Internal APT Repository

Recently, I have encountered a similar problem. I solved it by adding SslForceVersion option.

My config is like:

Acquire::https::test.com {
    Verify-Peer "true";
    Verify-Host "true";

    CaInfo "/tmp/ca.crt";

    SslCert "/tmp/client.crt";
    SslKey  "/tmp/client.key";
    SslForceVersion "SSLv3";
};

Best Answer

Related Solutions

Ssl – How to create and configure a self signed wildcard cert for IIS7.5

Ubuntu SSL – Using a Self-Signed SSL Certificate for HTTPS-Based Internal APT Repository

Related Topic