[Errno 14] problem making ssl connection

Good day,
I’ve made changes to the grafana.repo file according to new repo, and receiving such error after sudo yum install grafana on centos:

Loaded plugins: fastestmirror, presto
Setting up Install Process
Loading mirror speeds from cached hostfile
 * base: mirror.wdc1.us.leaseweb.net
 * epel: mirror.us.leaseweb.net
 * extras: mirror.net.cen.ct.gov
 * updates: repos-va.psychz.net
https://packages.grafana.com/oss/rpm/repodata/repomd.xml: [Errno 14] problem making ssl connection
Trying other mirror.

Never had such problem with old repo.

That can be a problem on your side. Try to update your ca-certificates and check if you are able to get output from the command:

openssl s_client -showcerts -connect packages.grafana.com:443

Thanks for your reply.
I’ve followed you advise, here is result:

depth=2 C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
verify return:1
depth=1 C = BE, O = GlobalSign nv-sa, CN = GlobalSign Organization Validation CA - SHA256 - G2
verify return:1
depth=0 C = US, ST = California, L = San Francisco, O = "Fastly, Inc.", CN = e.sni.fastly.net
verify return:1
Certificate chain
 0 s:/C=US/ST=California/L=San Francisco/O=Fastly, Inc./CN=e.sni.fastly.net
   i:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2
 1 s:/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2
   i:/C=BE/O=GlobalSign nv-sa/OU=Root CA/CN=GlobalSign Root CA
Server certificate
subject=/C=US/ST=California/L=San Francisco/O=Fastly, Inc./CN=e.sni.fastly.net
issuer=/C=BE/O=GlobalSign nv-sa/CN=GlobalSign Organization Validation CA - SHA256 - G2
No client certificate CA names sent
Server Temp Key: ECDH, prime256v1, 256 bits
SSL handshake has read 3133 bytes and written 373 bytes
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-AES128-GCM-SHA256
    Session-ID: ////some id
    Master-Key: /////some key
    Key-Arg   : None
    Krb5 Principal: None
    PSK identity: None
    PSK identity hint: None
    TLS session ticket lifetime hint: 7200 (seconds)
    TLS session ticket:

    Start Time: 1548696727
    Timeout   : 300 (sec)
    Verify return code: 0 (ok)

Just trying to understand if the problem is on my side.


yum -y install ca-certificates openssl nss

Receiving same error (as in first post).

Solved this issue using install without repo. It seems that problem is related to old Centos version.