I’ve deleted the following file
zypper removeservice nu_novell_com
rm /etc/zypp/credentials.d/NCCcredentials
rm /var/cache/SuseRegister/lastzmdconfig.cache
But when I attempt to register:
suse_register -a regcode-sles=XXXXXXXXXX -a email=syseng@XXXXXXX.com -a moniker=XXXXXXXXXX -L /root/.suse_register.log
I get the following error:
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
I’ve recreated my server and CA certificate, which had no effect. .suse_register.log tells me the same error.
----- Thu Feb 13 17:10:16 2014 ---------------------------------------
2014-02-13 17:10:19 SUSE::SRPrivate - [info] SEND DATA to URI: https://secure-www.novell.com/center/regsvc/?command=listproducts&lang=en-US&version=1.0:
2014-02-13 17:10:19 SUSE::SRPrivate - [error] ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
2014-02-13 17:10:19 SUSE::SRPrivate - [error] (2)
Any help would be welcome.
Edit: This is the trailing end of the registration request:
About to connect() to secure-www.novell.com port 443 (#0)
Trying 130.57.66.9…
connected
Connected to secure-www.novell.com (130.57.66.9) port 443 (#0)
successfully set certificate verify locations:
CAfile: none
CApath: /etc/ssl/certs/
SSLv3, TLS handshake, Client hello (1):
SSLv3, TLS handshake, Server hello (2):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS alert, Server hello (2):
SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Closing connection #0
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
Should the CAFile be set to the YAST_CA_Pem file? If so, how to do that?
[QUOTE=sysengPS;19321]…
I get the following error:
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)[/QUOTE]
As a note, you do realize that support for SLES 11 SP1 ended back in August 2012? The repositories should still be there for SP1, but I’d advise to update your servers to, at least, SLES 11 SP2.
As a note, you do realize that support for SLES 11 SP1 ended back in August 2012? The repositories should still be there for SP1, but I’d advise to update your servers to, at least, SLES 11 SP2.
Cheers,
Willem[/QUOTE]
Afterthought: it this SLES or SLED you are having the issue with? (As you’ve posted in the SLED subforum but your post subject mentions SLES )
I didn’t realize that I had put this in the wrong sub-forum, this is regarding a SLES server. In any case, I was able to get past the registration fault by downloading the curl-ca-bundle.crt for SLES SP1 from Novell, but no repositories were added. So I’ve added a few SLES SP1 repositories, but am getting an segmentation fault when I try and download anything, or even check for updates. I’ll add a SP2 repo and remove the SP1 to see if that makes a difference.
If a mod can move the thread, I’d appreciate it. Or if anyone knows how to resolve this, that’d help too :).
Nope, removing the SP1 repo and adding the SP2 didn’t help.
[CODE]confpesdev:/usr/lib64 # zypper rr SLES11-SP1-Pool
Removing repository ‘SLES11-SP1-Pool’ [done]
Repository ‘SLES11-SP1-Pool’ has been removed.
[QUOTE=sysengPS;19321]I’ve deleted the following file
zypper removeservice nu_novell_com
rm /etc/zypp/credentials.d/NCCcredentials
rm /var/cache/SuseRegister/lastzmdconfig.cache
But when I attempt to register:
suse_register -a regcode-sles=XXXXXXXXXX -a email=syseng@XXXXXXX.com -a moniker=XXXXXXXXXX -L /root/.suse_register.log
I get the following error:
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
I’ve recreated my server and CA certificate, which had no effect. .suse_register.log tells me the same error.
----- Thu Feb 13 17:10:16 2014 ---------------------------------------
2014-02-13 17:10:19 SUSE::SRPrivate - [info] SEND DATA to URI: https://secure-www.novell.com/center/regsvc/?command=listproducts&lang=en-US&version=1.0:
2014-02-13 17:10:19 SUSE::SRPrivate - [error] ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
2014-02-13 17:10:19 SUSE::SRPrivate - [error] (2)
Any help would be welcome.
Edit: This is the trailing end of the registration request:
About to connect() to secure-www.novell.com port 443 (#0)
Trying 130.57.66.9…
connected
Connected to secure-www.novell.com (130.57.66.9) port 443 (#0)
successfully set certificate verify locations:
CAfile: none
CApath: /etc/ssl/certs/
SSLv3, TLS handshake, Client hello (1):
SSLv3, TLS handshake, Server hello (2):
SSLv3, TLS handshake, CERT (11):
SSLv3, TLS alert, Server hello (2):
SSL certificate problem, verify that the CA cert is OK. Details:
error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
Closing connection #0
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
ERROR: Peer certificate cannot be authenticated with known CA certificates: (60)
(2)
Should the CAFile be set to the YAST_CA_Pem file? If so, how to do that?[/QUOTE]
Thread moved and open for consumption…