SSL CA cert (path? access rights?)
Solution 1
More easy solution for centos 6/7. Remove ca and reinstall certificate.
rm -f /etc/ssl/certs/ca-bundle.crt && yum reinstall -y ca-certificates
Problem that if you just only reinstall certs. This will dont replace ca-bundle. Leave it new with .rpmnew name.
Solution 2
this worked for me : centos 6
mkdir /usr/src/ca-certificates && cd /usr/src/ca-certificates
rpm2cpio ca-certificates-2015.2.6-65.0.1.el6_7.noarch.rpm | cpio -idmv
cp -pi ./etc/pki/tls/certs/ca-bundle.* /etc/pki/tls/certs/
do yes to override
to check :
curl -vvv https://www.unixy.net
Solution 3
Solution from here https://www.virtualmin.com/node/35857
nss-softokn breaks yum/rpm in CentOS 6 In order to fix it do the following:
wget http://mirror.centos.org/centos/6/updates/x86_64/Packages/nss-softokn-fr...
rpm2cpio nss-softokn-freebl-3.14.3-19.el6_6.x86_64.rpm | cpio -idmv
cd lib64
cp libfreeblpriv3.* /lib64
yum update # sync new repo package
BradMcA
Updated on September 08, 2021Comments
-
BradMcA over 2 years
I am using CentOs 6.6 64bit, and have a problem when using curl. The server primarily hosts several wordpress blogs using apache and mysql.
My simplest means to generate the error is with the following yum command which outputs the below
yum list "ca-certi*" Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile Could not get metalink https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=x86_64 error was 14: PYCURL ERROR 77 - "Problem with the SSL CA cert (path? access rights?)" * base: cosmos.cites.illinois.edu * epel: mirror.cogentco.com * extras: mirrors.rit.edu * updates: mirrors.rit.edu Installed Packages ca-certificates.noarch 2014.1.98-65.1.el6 @base
Soutions tried and failed so far based from googling around
1) I have tried restarting the VPS, no good
2) Executing
curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt
without any luck3) This solution was no good at all, as it relies on yum to solve the SSL problem that yum also suffers http://syslint.com/syslint/curl-77-problem-with-the-ssl-ca-cert-path-access-rights-solved/
Can I run these yum steps to install with wget?, would you think it would help?
# yum reinstall ca-certificates # yum reinstall openssl
I think virtualmin had installed some updates in the last 24 hours, is there a log of updates it ran somewhere?
Can anyone please help get around this "Problem with the SSL CA cert (path? access rights?)" problem.
TIA
-
Odecif over 6 yearsAlso works with centos 7 by changing the URL to centos/7/os/x86_64/Packages/ca-certificates-2017.2.14-71.el7.noarch.rpm in order to reflect new version.
-
Pancho over 5 yearsI didn't realise that this problem was because I'd deleted ca-bundle.crt (because we use external certificates and i didn't realise it was needed) . I did what you suggest here - without the rm -f step - and the problem was resolved. thank you!