Subject
How to mirror an RHN repository
Instructions
In order to mirror a repository hosted on Red Hat Network, you will need to import your PEM certificate to Artifactory.
You may download your PEM certificate by logging in to Red Hat Customer Portal and navigating to System => $SYSTEM => Subscriptions => Download certificates. The downloaded ZIP archive will contain the PEM certificate.
Note: If the RedHat CDN certificate is invalid after a specific period in Artifactory it results in a forbidden error. The certificates for connected systems are periodically getting changed. In such a scenario, we need to use the certificate from an offline system, and kindly refer to this external link for more details.
After importing the PEM certificate, create a new RPM remote repository.
Under URL pass the URL to the repository (e.g. https://cdn.redhat.com/content/dist/rhel/server/7/7Server/x86_64/sat-tools/6.5/os) and add the certificate by navigating to Advanced => Remote Authentication => SSL / TLS Certificate and select the certificate from the drop-down list.
Now, when clicking "Test Connection" you will probably receive the following error message:
The reason for this error message is that cdn.redhat.com certificate is untrusted.
We can resolve this error by trusting the certificate.
Execute the below command in order to get the certificate, and follow our Knowledge Base to add it to Artifactory.
openssl s_client -showcerts -connect cdn.redhat.com:443