EPEL Repo for CentOS 6 causing error
Solution 1
The correct fix is to update your SSL certificates.
sudo yum upgrade ca-certificates --disablerepo=epel
You need to disable the epel repo so that this command will succeed. After you update your certificates you can use yum normally as EPEL will work again.
Solution 2
I had this problem, and it boiled down to the SSL certificate not being verifiable when getting the updated metalink file for EPEL via HTTPS. I suppose that I could have drilled down through the certificate chain to find out why, but in order to get my server working again, I sidestepped the problem by adding the following line into /etc/yum.repos.d/epel.repo
:
[epel]
...
sslverify=false
I didn't think this was insanely unsafe, because the packages themselves are still verified by GPG-signature check.
Solution 3
You can modify the epel repo to use http instead of https by running the following as root/sudo
sed -i "s/mirrorlist=https/mirrorlist=http/" /etc/yum.repos.d/epel.repo
Solution 4
Ridiculously using secure HTTP is causing a problem yet normal HTTP is working fine. This shouldn't be happening with a fresh install so there must be an issue with Fedora's repositories. It's working now.
Related videos on Youtube
Tom Wilson
Updated on September 18, 2022Comments
-
Tom Wilson over 1 year
I've got a VM running CentOS 6 (64bit) and I'm attempting to add the EPEL repo like usual to install various packages as I do quite regularly.
Today, I'm experiencing some strange errors yet I'm doing absolutely nothing differently.
I'm adding EPEL like so:
# wget http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm # rpm -ivh epel-release-6-8.noarch.rpm
Yet when I try running yum for anything, I'm getting this error:
[root@core /]# yum list
Loaded plugins: fastestmirror
Determining fastest mirrors
Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again
Any ideas? I'm stumped!
-
Michael Hampton over 9 yearsWhat happened when you attempted to do what it told you to do?
-
Tom Wilson over 9 yearsI'm pretty sure it has nothing to do with the path. This is the same way I've added EPEL countless times before and never encountered an error like this. Something must be going on behind the scenes, right?
-
Brian over 9 yearsThe extras repository has a package to enable the EPEL repository and I usually install it from there. Since extras is enabled by default this is done by just doing
yum install epel-release
-
-
Tom Wilson over 9 yearsAll I did was change https to http in the repo list and it just worked, but I shouldn't have had to.
-
Soprano over 9 yearsIf you update your systems 'ca-certificates' it will work again. Probably has to do with the CA's, perhaps expired and/or revoked? (yum update ca-certificates)
-
TlmaK0 over 9 yearsthis is the correct way to fix the problem.
-
TrinitronX over 9 yearsI've tested this on the CentOS 6.5 bento box which is affected by this issue and it does make things slightly more reliable when running
yum clean all && yum makecache
. However, it still fails sometimes. Adding a retry to my script made it even more reliable. I suspect that some mirrors are unreliable and a retry can give another mirror that works. So if at first it doesn't succeed, try try again! -
DrStrangepork about 9 yearsNot only did this not work for me, I started getting the error trying to install ca-certificates, and then when I had the latest, I am still seeing it occur here and there during builds. Changing the protocol to http is NOT an answer.
-
skidadon about 8 yearsDon't forget to run "sudo yum upgrade" after you run this command to actually do the full upgrade.
-
Howard Lee almost 8 years
yum upgrade
would work on box with http. However my box doesn't have access to internet. Any alternatives? -
Howard Lee almost 8 yearsOk, answering my own comment. Use
yum remove epel-release --disablerepo=epel
on box that has no internet access (yes I accidentallyrpm -Uvh epel-release
on a prod box) -
Alec Istomin almost 5 yearsto fix epel in centos 6 in 2019 you need to install nss-tools with dependencies:
yum --disablerepo=\* --enablerepo=base,updates intall nss-tools