[Errno 14] HTTPS Error 403 - Forbidden (RedHat repositories only)

Problem:

Yum repolist/check-update fails on published redhat repositories. Other repos works.

https://x01-srv01/pulp/repos/x01/Production/CV-RHEL7/content/dist/rhel/server/7/7Server/x86_64/extras/os/repodata/repomd.xml: [Errno 14] HTTPS Error 403 - Forbidden

The following remedies has been tried and failed:

  • yum clean all
  • subscription-manager unregister/register
  • Regenerated certificates (–certs-update-ca --certs-update-server --certs-update-all)
  • Installed new katello-ca-consumer package
  • SELinux in permissive mode
  • Removed all relevant content views and repositories and readded/synced.
  • Refreshed subscription manifest

Expected outcome:

Shows number of packages and being able to install/update packages.

Foreman and Proxy versions:

Foreman 2.1.2 / Katello 3.15

Foreman and Proxy plugin versions:

Distribution and version:

CentOS 7

Other relevant data:

/var/log/httpd/foreman-ssl_access_ssl.log

“GET /pulp/repos/x01/Production/CV-RHEL7/custom/Foreman_Client/foreman_client_el7_x86_64/repodata/repomd.xml HTTP/1.1” 200 3836 “-” “urlgrabber/3.10 yum/3.4.3”
“GET /pulp/repos/x01/Production/CV-RHEL7/content/dist/rhel/server/7/7Server/x86_64/extras/os/repodata/repomd.xml HTTP/1.1” 403 69 “-” “urlgrabber/3.10 yum/3.4.3”

Katello 3.16

Unable to edit

curl:
403: [(‘PEM routines’, ‘PEM_read_bio’, ‘no start line’)]

@CowsSayMooo thanks for bringing this to our attention. I’ll try and find a solution for you ASAP.

@CowsSayMooo run the following command:
rct cat-cert /etc/pki/entitlement/FILENAME

where FILENAME is each of the non-.pem files in that directory.

1 Like