SUSE Manager/Unable to get local issuer certificate
Unable to get local issuer certificate
Customer reported that after registering and updating the SLES12 SPx server, he could not use zypper anymore. E.g. when running a: zypper ref The following error occurred:
# zypper ref Refreshing service 'spacewalk'. Download (curl) error for 'https://s96lnxpr00.emea.isn.corpintra.net/XMLRPC/GET-REQ/sles-12-sp1-201602-dai-os-dai-x86_64-sles-12-sp1-sles/repodata/repomd.xml?head_requests=no&timeout=600': Error code: Unrecognized error Error message: SSL certificate problem: unable to get local issuer certificate
After some research we found the problem:
The customer is using an "old" bootstrap script to register the SLES12 SPx server. For this customer the root cause was a not-updated SUSE Manager Proxy.
The problem with older bootstrap scripts is that it creates a link of the certificate in /etc/ssl/certs/ and not in /etc/pki/trust/anchors followed by /usr/sbin/update-ca-certificates.