Reparing expired RHN certificate

If your server stopped receive updates from RHN with error:

[('SSL routines', 'SSL23_WRITE', 'ssl handshake failure')]
then it may be probably because of expired RHN certificate located as /usr/share/rhn/RHNS-CA-CERT. This file is a part of rhn-client-tools RPM. I have updated this RPM according to RedHat advice, however still have a problem.

When looking into certificate file directly with vi, I saw both certificates (old,expired and renewed one) concatenated in one file. It looks like causing problem for tools.


Just remove first, expired, part.

The rest of file should begin as:

        Version: 3 (0x2)
        Serial Number: 42 (0x2a)
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=North Carolina, L=Raleigh, O=Red Hat, Inc., OU=Red Hat Network, CN=RHN Certificate Authority/
            Not Before: Feb 26 21:07:08 2010 GMT
            Not After : Feb 24 21:07:08 2020 GMT

Updated on Sun Nov 10 13:49:32 IST 2013 More documentations here