Yum SSL Connection Problem
I am attempting a yum EOL upgrade on a 5 year old Centos 6.5 server. I have performed the same upgrade procedure on 4 other Centos 6.5 servers without any problems. "yum" is the Centos utility used to download and install system packages from Centos repositories. This is a Catch 22. Since yum on this server is after End-Of-Life for the operating system, yum is not working on this server. Since the current yum installation on this server is not working, I am not able to use yum to download any Centos 6.5 system packages. There are yum servers that are made available to support yum after the operating system End-Of-Life. This requires manually modifying the yum configuration files in yum.repos.d to point to the Centos 6.5 End-Of-Life yum repositories. I have made this change on a number of Centos 6.5 servers without any problems, but one very important server is failing to connect to the Centos 6.5 End-Of-Life repository. Since yum is not working on this server, I can not upgrade Firefox. When I attempt to manually upgrade Firefox with a Firefox RPM, the upgrade fails because of a large number of library dependencies. This makes upgrading Firefox on the server manually almost impossible. A simple solution would be to perform a full operating system upgrade on the computer, but that would wipe out all the files on the computer. My only option is to fix the yum EOL SSL connection problem with the version of Firefox installed on this computer. The SSL error is:
https://vault.centos.org/6.10/os/x86_64/repodata/repomd.xml: [Errno 14] problem making ssl connection Trying other mirror. Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again
I have googled this error and attempted several suggested solutions, but none have worked. I went into about.config, and made the following changes:
In about:config, I tried setting:
security.tls.version.max;4
security.ssl3.rsa_aes_128_sha;false security.ssl3.rsa_aes_256_sha;false security.ssl3.rsa_des_ede3_sha;false
These changes are not helping. I did not make these changes on other Firefox installations for this yum EOL upgrade, and they are working fine.
I do not know what is unique about this particular server that is causing the SSL Connection problem with:
https://vault.centos.org/6.10/os/x86_64/repodata/repomd.xml
On all other servers, I can successfully connect with that server.
Again the yum connection error is:
https://vault.centos.org/6.10/os/x86_64/repodata/repomd.xml: [Errno 14] problem making ssl connection Trying other mirror. Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify its path and try again
If I attempt to connect to this server using Firefox on this server, the connection fails with the error:
Secure Connection Failed
An error occurred during a connection to vault.centos.org. Cannot communicate securely with peer: no common encryption algorithm(s). (Error code: ssl_error_no_cypher_overlap)
The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
I would appreciate any suggestions that you could make to help with these connection problems. I do not know what is unique about this particular Centos 6.5 server configuration that could be causing this problem. Your help with this problem would be appreciated.
Thanks, Jim West Email: jimwest@attglobal.net Mobile Phone: 706-972-7149
All Replies (2)
The version of Firefox currently installed on the server is: firefox-24.2.0-1.0.1.el6.centos.x86_64
I tried a full Firefox reset on this server ... this did not help.
Firefox on this server can connect and display duckduckgo.com and google.com, but can not connect to ibm.com or cnn.com. Firefox can not connect to my own website "positiondatabase.com", reporting that it is an untrusted web site. My website is fully trusted and has a valid SSL certificate. Perhaps the issue in Firefox is a problem related to Certificate installation/configuration. I would appreciate any suggestions. Thanks, Jim