RHEL 5 SSL Expired

Anyone running RHEL 5.4 and earlier is probably going to experience the dreaded “The certificate is expired” error when running rhn_register, up2date or yum. Clearly the answer is…

Update the certificate. That 5.4 or earlier SSL CA cert used by Red Hat Network expired on 12 August 2013.

For those with a paid Red Hat subscription, see this solution. Another variation appears here.

We stumbled on this when trying to register a bunch of older 5.x machines with the Red Hat Network.

The solution is basically to download the appropriate rpms and run “rpm -Uvh” to upgrade with the new certificates. The required packages include:


The articles cited above provide options to force a yum update of these packages by temporarily disabling SSL and then running rhn_register and a “yum update “rhn\*”. I won’t repeat the details here because anyone running RHEL should have a subscription allowing them access to those articles.


To temporarily shut off SSL for rhn_register/up2date edit /etc/sysconfig/rhn/up2date and change the serverURL from https to http.

This entry was posted in System Administration on by .

About phil

My name is Phil Lembo. In my day job I’m an enterprise IT architect for a leading distribution and services company. The rest of my time I try to maintain a semi-normal family life in the suburbs of Raleigh, NC. E-mail me at philipATlembobrothersDOTcom. The opinions expressed here are entirely my own and not those of my employers, past, present or future (except where I quote others, who will need to accept responsibility for their own rants).