YUM and Proxy (Authenticated Proxy)

[brizzlematic]

Hello All,

I need some help pretty please?

CentOS 6.9, trying to get YUM updates to work in a Zscaler Proxy environment.
Last week Friday I edited the /etc/yum.conf file adding these lines:

su password for su vi /etc/yum.conf
press "i" to enter insert mode

proxy = http://proxyIP:proxyPort/
proxy = http://username:password@proxyIP:proxyPort/

Once you have this added this to save and close press "Esc" and then ":wq" and then press Enter
yum - y update

And all was well, I was updating just fine.

Today however;
Could not retrieve mirrorlist (changed around many mirror URLs in testing) error was 14:
PYCURL ERROR 22 - "The requested URL returned error: 403 Forbidden"

I have been looking at these articles and spinning my wheels:

No matter how I slice it, changing the mirrors and baseurl in the yum.repos.d/Cent-OSBase.repo, commenting out the mirrors, uncommenting the baseurl, removing the proxy settings from the yum.conf, different combinations in the yum.conf, the best I can get today is the 403 forbidden error and the PYCURL Error 7 Failed to Connect.

wget and a mirrorlist URL will resolve to IP addresses but then will fail with connection timed out or network is unreachable.

Please note that during this entire time of YUM update failures today the Chrome browser authenticates to the proxy and surfs the web no problem all day and can reach the mirror sites in the browser.

[TrevorH]

man yum.conf, search for proxy. You need proxy_username= and proxy_password= as well as proxy=

[brizzlematic]

man yum.conf, search for proxy. You need proxy_username= and proxy_password= as well as proxy=

I tried the options suggested and change the layout of my proxy syntax in the yum.conf

proxy=http://proxyIP:proxyPort/
http_proxy=http://proxyIP:proxyPort/
https_proxy=https://proxyIP:proxyPort/
proxy_username=WindowsDomainUsername (Needed for proxy authentication)
proxy_password=WindowsDomainPassword (Needed for proxy authentication)

/etc/yum.repos.d/CentOS-Base.repo

man suggests HTTP basic authentication by prepending "user:password@" to the server name in the baseurl line.

"baseurl=http://user:passwd@example.com"

I tried this as suggests and now recieve:

Errno 14 PYCURL ERROR 22 - "The requested URL returned error: 400 Bad request"

If I revert my CentOS-Base.repo and remove the user:passwd@ from the baseurl and test:

Errno 14 PYCURL ERROR 22 - "The requested URL returned error: 403 Forbidden"

And will even spit out in the terminal:

To address this issue please refer to the below knowledge base article;

https://access.redhat.com/solutions/69319

but I do not have visibility to the solution just the question being posted on this article.

[mghe]

Try to add:

# vi /etc/environment

http_proxy="http://proxysrv:8080/"
https_proxy="https://proxysrv:8080/"
ftp_proxy="ftp://proxysrv:8080/"
no_proxy=".local,.domain1.com,host1,host2"


with password:

http://user:password@server_name_port

[brizzlematic]

Try to add:

# vi /etc/environment

http_proxy="http://proxysrv:8080/"
https_proxy="https://proxysrv:8080/"
ftp_proxy="ftp://proxysrv:8080/"
no_proxy=".local,.domain1.com,host1,host2"


with password:

http://user:password@server_name_port

Hello and thank you for the assistance....

Tried as suggested in /etc/enviroment

http_proxy="http://proxysrv:8080/"
https_proxy="https://proxysrv:8080/"
ftp_proxy="ftp://proxysrv:8080/"
no_proxy=".local,.domain1.com,host1,host2"

with password:

http://user:password@server_name_port/


And same results as before with the:

Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6 ... nfra=stock error was
14: PYCURL ERROR 22 - "The requested URL returned error: 403 Forbidden"
http://mirror.centos.org/6/os/x86_64/re ... repomd.xml

14: PYCURL ERROR 22 - "The requested URL returned error: 403 Forbidden"
http://mirror.centos.org/6/os/x86_64/re ... repomd.xml

To address this issue please refer to the below knowledge base article;

https://access.redhat.com/solutions/69319

If the above article doesn't help to resolve this issue please open a ticket with Red Hat Support.

Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify path and try again.


*** Please note: I tried removing the " " from the /etc/environment and same results.

http_proxy="http://proxysrv:8080/"
https_proxy="https://proxysrv:8080/"
ftp_proxy="ftp://proxysrv:8080/"
no_proxy=".local,.domain1.com,host1,host2"

**** Please note: I commented out any proxy settings in the "yum.conf" and rebooted and tried once more and got these results:

Could not retrieve mirrorlist http://mirrorlist.centos.org/?release=6 ... nfra=stock error was
14: PYCURL ERROR 7 - "Failed to connect to 26XX:15XX:FBXX:3::19: Network is unreachable"
http://mirror.centos.org/6/os/x86_64repodata/repomd.xml:
[Errno 14] PYCURL ERROR 7 - "Failed to connect to 26XX:15XX:FBXX:3::19: Network is unreachable"
Error: Cannot retrieve repository metadata (repomd.xml) for repository: base. Please verify path and try again.

[brizzlematic]

tcpdump and ran wget to the mirror and looks like it connects then drops?

Does this indicate which side this is dropping?

[root@Centos6]# wget http://mirror.centos.org/?release=$rele ... fra=$infra
[1] 29312
[2] 29313
[3] 29314
[2]- Done arch=$basearch
[root@Centos6]# --2017-09-12 16:57:36-- http://mirror.centos.org/?release=
Connecting to 1xx.2xx.3xx.4xx:8080... connected.
Proxy request sent, awaiting response... 403 Forbidden
2017-09-12 16:57:36 ERROR 403: Forbidden.