Trying to install uyuni on openSuse Leap 15.4 - curl error 60

ipanmeri · April 2, 2024, 1:59pm

Hello,
I am totally new to uyuni (or servermanager) (and new to openSuSE, too) and prepared an openSuse leap 15.4 server for uyuni installation.
Following the official documentation.
https://www.uyuni-project.org/uyuni-docs/en/uyuni/installation-and-upgrade/install-uyuni.html

During download/install of the packages I get:

Retrieving: concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm …[error (2.0 KiB/s)] Download (curl) error for ‘https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable/images/repo/Uyuni-Server-POOL-x86_64-Media1/noarch/concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm’: Error code: Curl error 60 Error message: SSL certificate problem: self signed certificate in certificate chain

Where do I go from here?
Thanks for any hint.
Kind regards

hcvv · April 2, 2024, 3:00pm

I know nothing about uyuni, but I hope you understand that Leap 15.4 is End of Life and does not get any support (e.g. security updates) any more.

ipanmeri · April 2, 2024, 3:17pm

Thanks for pointing this out.
Maybe this is why download does not work …
I guess I will restart with 15.6 then.
Thank you

hcvv · April 2, 2024, 3:35pm

You may try that, but it is only Beta, thus it is not sure that third party software is already available.

Why not going for 15.5?

https://en.opensuse.org/Lifetime

butcherbird · April 2, 2024, 5:29pm

I’m not sure where it is expecting the cert but with curl typically with cert errors on self signed etc, I’ll do something like:

echo | openssl s_client -connect download.opensuse.org:443 2>&1 |sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p’ > /home/user/somedir/cert.pem

Then maybe
export SSL_CERT_DIR=/home/user/somedir

mhurron · April 2, 2024, 5:42pm

This is truly horrible advice for anything where you did not know it should have a self-signed certificate, as in you set up a development environment.

What you are suggesting is completely negating the benefit that certificates give you. You should never blindly trust any public site that serves up a self-signed certificate and download.opensuse.org should never offer one. If it is, something somewhere is very wrong.

butcherbird · April 2, 2024, 5:45pm

I agree generally

but you can compare the cert independently by hitting the host in a browser etc

Most likely whatever pem file curl is using on that system is old and doesn’t include the ca

possibly you could alternatively update curl with a package downloaded from the site

ipanmeri · April 3, 2024, 6:55am

Yeah, you are right, 15.5 is the correct choice. Thanks

ipanmeri · April 3, 2024, 8:38am

So I installed the server anew with 15.5.
Repos got correctly added I think, as I discovered how to setup network manually correctly before the actual installation happened.
After that:

zypper ref

and got

New repository or package signing key received:

  Repository:       uyuni-server-stable

which I accepted.

The I started the Uyuni installation.
After many packages got downloaded correctly I get this error:

Retrieving: concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm ............................................................................................[error]
Download (curl) error for 'https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable/images/repo/Uyuni-Server-POOL-x86_64-Media1/noarch/concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm':
Error code: Curl error 60
Error message: SSL certificate problem: self signed certificate in certificate chain

which looks very much the same as yesterday with 15.4.

Should I download the packages by hand and move them into local dirs?

Should I open a new thread or continue here?
Thanks

arvidjaar · April 3, 2024, 8:40am

Show

curl -sIL https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable/images/repo/Uyuni-Server-POOL-x86_64-Media1/noarch/concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm | grep -i location

ipanmeri · April 3, 2024, 8:50am

Hi

location: https://ftp.gwdg.de/pub/opensuse/repositories/systemsmanagement%3A/Uyuni%3A/Stable/images/repo/Uyuni-Server-POOL-x86_64-Media1/noarch/concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm

Thanks

arvidjaar · April 3, 2024, 8:53am

I have no problems connecting to it. OK, then show

curl -vIL https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable/images/repo/Uyuni-Server-POOL-x86_64-Media1/noarch/concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm

ipanmeri · April 3, 2024, 9:12am

arvidjaar:

curl -vIL https://download.opensuse.org/repositories/systemsmanagement:/Uyuni:/Stable/images/repo/Uyuni-Server-POOL-x86_64-Media1/noarch/concurrent-1.3.4-277.278.8.uyuni3.noarch.rpm

Cool, it is installing.
The

https://ftp.gwdg.de/

got me thinking… Had to give access to this site through the firewall.
Installation went through without any hickup.
I have the Network Services/Uyuni setup now
All good.

Thank you very much!!!

system · April 10, 2024, 9:12am

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.