Upgrading software sometimes could be a challenging experience. Login as root in Centos 6.7, a simple “yum -y update” command stalled. The error thrown was it Could not retrieve the mirrorlist from webtatic and could not find the base URL for the repository. It also indicated some pycurl error about SSL CA certificate.
Now, I tried the basic troubleshooting of verifying network settings, connectivity, dns resolution and it all works fine. This occurred after uninstalling Zpanel control panel and deleting some certificates that the error suddenly appeared. Thus, the error could be about SSL CA certificate as indicated by pycurl error 77. It seems like the /etc/pki/tls/certs/ content is broken/messed up after uninstall.
The solution that worked for fixing the error was outlined in the “Fixing CentOS Root Certificate Authority Issues“.
The solution was to download a new certificate bundle.
Running as root the following command:
# curl http://curl.haxx.se/ca/cacert.pem -o /etc/pki/tls/certs/ca-bundle.crt
This resolved the error and I could run the “yum -y update” command without any issue.
Just to be sure that everything is updated okay, I’ve reinstalled openssl and ca-certificates:
# yum reinstall openssl
# yum reinstall ca-certificates
