After configuring VMWware UMDS (VMware Update Manager download service) in my environment, which downloads patches/update from online VMware repositories, I tried downloading patches/updates.but I was receiving below errors for multiple urls. (There are default 4 online VMware repositories from where UMDS tries download patches/fixes).
[root@centos01 bin]# ./usr/local/vmware-umds/bin/vmware-umds -D
Starting download of updates ...
INFO - Executing download job {22727488}, url=https://hostupdate.vmware.com/software/VUM/PRODUCTION/main/vmw-depot-index.xml
ERROR - curl_easy_perform() failed: cURL Error: SSL peer certificate or SSH remote key was not OK, SSL certificate problem: unable to get local issuer certificate
ERROR - [backtrace begin] product: VMware vSphere Update Manager Download Service, version: 7.0.0, build: build-15952383, tag: vmware-down loadService, cpu: x86_64, os: linux, buildType: release backtrace[00] libvmacore.so[0x002ECAC5] backtrace[01] libvmacore.so[0x0019D635]: Vma core::System::Stacktrace::CaptureFullWork(unsigned int) backtrace[02] libvmacore.so[0x0018F3A9]: Vmacore::System::SystemFactory::CreateBackt race(Vmacore::Ref&) backtrace[03] umds[0x00161D4B] backtrace[04] umds[0x001620CA] backtrace[05] umds[0x0016249C] backtrace[06] umds[0x0015DBC0] backtrace[07] umds[0x0015F8AF] backtrace[08] umds[0x0016052A] backtrace[09] libvmacore.so[0x0022C942] backtr ace[10] libvmacore.so[0x002319B6] backtrace[11] libvmacore.so[0x002AAB54] backtrace[12] libpthread.so.0[0x00007E65] backtrace[13] libc.so.6[ 0x000FE88D] backtrace[14] (no module) [backtrace end]
ERROR - Executing download job {22727488} throws error: curl_easy_perform() failed: cURL Error: SSL peer certificate or SSH remote key was not OK, SSL certificate problem: unable to get local issuer certificate
INFO - Download failed but destination file /tmp/vcioUNphO exists and is valid. Ignoring error
INFO - Download job {22727488} finished, bytes downloaded = 0
*********************************************
Downloaded 0 updates, Download size: 0 MB
*********************************************
To resolve this issue edit downloadconfig.xml UMDS configuration file, under /usr/local/vmware-umds/bin, and make all the HTTPS urls to HTTP. Save the file. Configuration looks like below. VMware Update Manager download service fails to download files from HTTPS repositories
Rerun command ./vmware-umds -D, download will start. Once updates download is completed it shows how many updates it downloaded and its size.
As above updates download over HTTP protocol another way to resolve the issue is using below configuration. Another method is replacing the included libcurl.so.4 library module with symbolic link pointing to the one currently on the vCenter server appliance.
$ mv /usr/local/vmware-umds/lib/libcurl.so.4 /usr/local/vmware-umds/lib/libcurl.so.4.backup
$ ln -s /usr/lib64/libcurl.so.4 /usr/local/vmware-umds/lib/libcurl.so.4
Useful Articles
VMWARE VSPHERE UPDATE MANAGER (VUM) - IMPORTING ESXI ISO AND CREATE UPGRADE BASELINE
VMWARE VSPHERE UPDATE MANAGER (VUM) - UPGRADE ESXI OS
ESXi 6.0 update offline bundle via esxcli commandline: DependencyError VIB bootbank requires VSAN ImageProfile
ESXi 6.5 upgrade bundle via command line: No Space Left On Device Error