So, I had to update git on a couple of Centos machines last week, and I ran into what appears to be a very common problem: Centos only has old versions of stuff in its repos. Subsequently, I had to figure out how to get the latest, and preferably from a yum repo, rather than installing it manually. Cue repo connection issues.
When working behind a corporate proxy, a number of things can go awry without any good indication of what is actually wrong. Installing the needed repos gave me no issues on one server (centos 6), but threw a fit trying to connect on another. The reason? SSL validation failure. The solution? Depends on how much you want to compromise your system.
A bunch of people suggested just changing the repo url in your /etc/yum.repos.d/epel to be http instead of https, but that’s dumb. Another suggested updating the ca-certs package, but that still won’t work if you had the same issue I did: Self-signed root CA certificates with an intercepting proxy.
The quick guide to installing the latest git on Centos is fairly straightforward:
Thankfully, you’ll only need to ever do the first part once. Steps 4-5 may be necessary for other packages however. It’s a pain that it doesn’t tell you that the issue is an SSL cert trust failure, but googling the error turns up plenty of help. Hopefully this one will get some notice.
Apparently, something has happened recently that caused even this method to not work properly. After some grey hairs and crying, I figured-out that the
nss package needed updating as well as
curl. Once that was complete, everything worked fine again. I’ve updated the script accordingly.