If your server stopped receive updates from RHN with error:
[('SSL routines', 'SSL23_WRITE', 'ssl handshake failure')]
then it may be probably because of expired RHN certificate located as /usr/share/rhn/RHNS-CA-CERT.
This file is a part of rhn-client-tools RPM. I have updated this RPM according to RedHat advice,
however still have a problem.
When looking into certificate file directly with vi, I saw both certificates (old,expired and renewed one) concatenated in one file. It looks like causing problem for tools.
Just remove first, expired, part.
The rest of file should begin as:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 42 (0x2a)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, CN=RHN Certificate Authority/emailAddress=rhn-noc@redhat.com
Validity
Not Before: Feb 26 21:07:08 2010 GMT
Not After : Feb 24 21:07:08 2020 GMT
....