yum error “Cannot retrieve metalink for repository: epel. Please verify its path and try again” updating ContextBroker

118
votes

I'm trying to update Orion ContextBroker using the command yum install contextBroker. Unfortunatelly I get the following error:

Loaded plugins: fastestmirror, refresh-packagekit, security Loading

mirror speeds from cached hostfile

Error: Cannot retrieve metalink for repository: epel. Please verify its path and try again

What could be going wrong ?

23
rpmyumfiwareepel
Suggested troubleshooting step: can your system curl -v https://mirrors.fedoraproject.org? - mwfearnley
The selected answer is a workaround that doesn't fix the root issue, and in fact package installation may continue to fail. I suggest deselecting the best answer, and let the vote count sort the answers to the one that worked for most people. - Paul

23 Answers

143
votes

I solved this issue editing both /etc/yum.repos.d/epel.repo and /etc/yum.repos.d/epel-testing.repo files, commenting all entries starting with mirrorlist=... and uncommenting all the entries starting with baseurl=....

184
votes

You just needed to update ca-certificates package. Before that just disable all repos with https that are failing. That's why solution with commenting mirrorlist or using http instead https would work also.

For example if you need to disable only epel repo:

yum --disablerepo=epel -y update  ca-certificates

This will also help wget, curl, and anything else that uses SSL certificates.

66
votes

use this command:

sudo sed -i "s/mirrorlist=https/mirrorlist=http/" /etc/yum.repos.d/epel.repo

or alternatively use command

vi /etc/yum.repos.d/epel.repo

go to line number 4 and change the url from

mirrorlist=https://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch

to

mirrorlist=http://mirrors.fedoraproject.org/metalink?repo=epel-6&arch=$basearch
21
votes

For my case commenting out mirrorlist and uncomenting entries with baseurl din't work. I noticed the problem was with the https iniside the .repofedora files. I solved it by going in /etc/yum.repository.d and replacing all https with http in different .repo files. That worked!!

21
votes

I guess this should work. I solved my problem with this.

$ sudo yum clean all

$ sudo yum --disablerepo="epel" update nss

20
votes

Updating curl worked for us. Somehow yum uses curl for its transactions.

yum update curl --disablerepo=epel
11
votes

Check if you access internet through a proxy, and then your add internet proxy address to yum configuration.

add 

proxy=http://ip:port

to /etc/yum.conf

8
votes

Walkthrough Steps

Running the following command will update the repo to use HTTP rather than HTTPS:

sudo sed -i "s/mirrorlist=https/mirrorlist=http/" /etc/yum.repos.d/epel.repo

You should then be able to update with this command:

yum -y update
6
votes

You may come across this message/error, after installing epel-release. The quick fix is to update your SSL certificates:

yum -y upgrade ca-certificates

Chances are the above error may also occur while certificate update, if so, just disable the epel repo i.e. use the following command:

yum -y upgrade ca-certificates --disablerepo=epel

Once the certificates will be updated, you'll be able to use yum normally, even the epel repo will work fine. In case you're getting this same error for a different repo, just put it's name against the --disablerepo=<repo-name> flag.

Note: use sudo if you're not the root user.

5
votes

I solved this problem by this solution.

you just change in this file /etc/yum.repos.d/epel.repo

mirrorlist= change this url https to http

baseurl= change this url https to http

4
votes

All of the above did not work for me, but a rebuild of the rpm database, with the following command, did:

sudo rpm --rebuilddb

Thanks all for the help.

3
votes

For boxes that does not have internet access, you can remove epel repository:

yum remove epel-release --disablerepo=epel

This happened to me as I accidentally installed epel-release using rpm on a prod box.

3
votes

I encountered the same issue even though the ca-certificates package is up-to-date. The mirror https://mirrors.fedoraproject.org/ is currently signed by DigiCert High Assurance EV Root CA which is included in my ca-bundle

$ grep -A 3 "DigiCert High" /etc/ssl/certs/ca-bundle.crt 
# DigiCert High Assurance EV Root CA
-----BEGIN CERTIFICATE-----
MIIDxTCCAq2gAwIBAgIQAqxcJmoLQJuPC3nyrkYldzANBgkqhkiG9w0BAQUFADBs
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3

The reason why https connections failed in my case, was that system date was set to the year 2002 in which the DigiCert High Assurance EV Root CA is not (yet) valid.

$ date
Di 1. Jan 11:10:35 CET 2002

Changing the system time fixed the issue.

2
votes

I solved it by going in /etc/yum.repository.d/. For my case i comment out mirrorlist and uncomenting entries with baseurl. as well as added sslverify=false.

https://serverfault.com/questions/637549/epel-repo-for-centos-6-causing-error

2
votes

I've workaround this issue by changing the https entries in epel.repo file to http.

1
votes

In my case when I comment out mirrorlist the error got away but the repo was also not working so I manually point the right baseurl in /etc/yum.repos.d/epel.repo as below

[epel]
name=Extra Packages for Enterprise Linux 7 - $basearch
baseurl=http://iad.mirror.rackspace.com/epel/7Server/x86_64/
#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-7&arch=$basearch&infra=$infra&content=$contentdir
failovermethod=priority
enabled=1
gpgcheck=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7

[epel-debuginfo]
name=Extra Packages for Enterprise Linux 7 - $basearch - Debug
baseurl=http://iad.mirror.rackspace.com/epel/7Server/x86_64/debug/
#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-debug-7&arch=$basearch&infra=$infra&content=$contentdir
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1

[epel-source]
name=Extra Packages for Enterprise Linux 7 - $basearch - Source
baseurl=http://iad.mirror.rackspace.com/epel/7Server/SRPMS/
#metalink=https://mirrors.fedoraproject.org/metalink?repo=epel-source-7&arch=$basearch&infra=$infra&content=$contentdir
failovermethod=priority
enabled=0
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL-7
gpgcheck=1
0
votes

Changing the mirrorlist URL from https to http fixed the issue for me.

0
votes

Fixed mine like this:

yum install elfutils-default-yama-scope-0.168-8.el7.noarch --disablerepo=epel
yum install nss-pem -disablerepo=epel
yum reinstall ca-certificates --disablerepo=epel
yum clean all
rm -rf /var/cache/yum
yum update`
0
votes

None of these worked for me (I didn't even try the hacks like manually editing the repo file).

However it worked after a simple yum update -y

0
votes

Another possible cause is that your architecture is not supported. I ran into this because I was provided with a CentOS VM, wanted to install EPEL and couldn't for the life of me get it done.

Turns out the VM was CentOS 7 i386, which is an architecture that is apparently no longer supported by EPEL. I guess the only remedy in this case is to reinstall.

0
votes

Try

yum clean all --enablerepo=*

Then

yum update --disablerepo=epel
0
votes

I tried most of these solutions and none of them worked for me.

The only thing that worked for me was to disable and remove the offending repo.

sudo yum --disablerepo=epel\* remove epel-release.noarch
0
votes

For obsolete CentOS 6, I used this in /etc/yum.repos.d/epel.repo

baseurl=https://d2lzkl7pfhq30w.cloudfront.net/pub/archive/epel/6/$basearch