Loaded plugins: fastestmirror, securityThe error is related to inability to connect to external services via HTTPS (443) connection (EPEL repo uses HTTPS connection by default). There are many reasons that can cause this error, thus to resolve the issue, troubleshooting and understanding the underlying issue is important. Here’s several possible solutions for the error above.
Loading mirror speeds from cached hostfile
Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again
One possible possibility is that the CA certificates installed on the system has became outdated, and hence cannot connect directly due to unverifiable certificate errors when getting the updated metalink file for EPEL via HTTPS. In this scenario, update the CA certificates package with the following command:
yum --disablerepo=epel -y update ca-certificatesNote that you may also need to disable all repos that uses HTTPS protocol and are failing.
If the CA certifications are already latest with no update available, or if you absolutely cannot get through the cannot retrieve the repo path error, it’s possible to force the repository to use HTTP instead of HTTPS. However, do note that this may also indicate that your system is having other problems which you need to find out.
To do so, edit the repository configuration file in /etc/yum.repos.d/, e.g. vi /etc/yum.repos.d/epel.repo, and then comment out the entries that are starting with mirrorlist=, and then uncomment the entries that are starting with baseurl=. For example,
[epel] name=Extra Packages for Enterprise Linux 6 - $basearch baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch failovermethod=priority enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6
Tip
You only need to change for the repos that are enabled, i.e. have enabled=1.
sudo sed -i "s/mirrorlist=https/mirrorlist=http/" /etc/yum.repos.d/epel.repoOr, edit manually /etc/yum.repos.d/epel.repo, the change the line from:
mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearchTo:
mirrorlist=http://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearchIt’s also possible to disable the SSL certificate check by adding following line into appreciate EPEL section of /etc/yum.repos.d/epel.repo:
sslverify=falseFor example,
[epel] name=Extra Packages for Enterprise Linux 6 - $basearch baseurl=http://download.fedoraproject.org/pub/epel/6/$basearch #mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch failovermethod=priority enabled=1 gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-6 sslverify=falseLast but not least, as mentioned above, normally the HTTPS secure connection to retrieve repositories’ databases should work. It it doesn’t, it may hint at a larger problem. The error can also be caused by broken or corrupted packages, or failing yum and rpm functions, such as in the case of mismatched nss-softokn versions. Thus, if issue persisted after updating CA certificates, do check around for possible other issues.
0 comments :
Post a Comment