Skip to content
Ercan Ermis
Ercan Ermis

notes for everyone about cloud technology

  • Cloud
    • AWS
    • GCP
  • Container
    • Kubernetes
    • Docker
  • Linux
  • DevOps
  • Privacy Policy
  • Contact
Ercan Ermis

notes for everyone about cloud technology

SSL CA Problem on CentOS7 Docker and Solution

Ercan, March 8, 2022March 8, 2022

When I’m playing with CentOS7 docker image on MacBookPro M1, it looks like it doesn’t connect to the servers which require HTTPS connection.

For example, when I run yum -y update the command it returns curl: (77) Problem with the SSL CA cert (path? access rights?). Hmm, it looks like an OS Bug because my ca-certificates are okay.

I tried to send a GET command via curl and it looks like doesn’t work.

$ curl -vvv https://google.com
* About to connect () to google.com port 443  ( # 0) 
* Trying 216.58.212.142 ...
* Connected to github.com (216.58.212.142) port 443 (#0)
* Initializing NSS with certpath: sql: / etc / pki / nssdb
* Closing connection 0 curl: ( 77 ) Problem with the SSL CA cert ( path? Access rights? )

wget also doesn’t work with HTTPS connections and I do some research online and I see it’s a real bug. Here is the details; https://bugs.centos.org/view.php?id=16282

The Solution

$ touch "/etc/sysconfig/64bit_strstr_via_64bit_strstr_sse2_unaligned"

Yes, that’s it. We just need this file to run TCP connections securely. Here is the results after the solution.

$ curl -I https://google.com
HTTP/2 301
location: https://www.google.com/
content-type: text/html; charset=UTF-8
date: Tue, 08 Mar 2022 08:16:51 GMT
expires: Tue, 08 Mar 2022 08:16:51 GMT
cache-control: private, max-age=2592000
server: gws
content-length: 220
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+370; expires=Thu, 07-Mar-2024 08:16:51 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

It is also a mystery that it is reproduced only on the M1 machine so far. But for the time being, I was able to identify the cause, and it’s okay to reach the goal, right?

Share on Social Media
x facebook linkedin reddit
Docker Linux bugcentos7curldockerwgetyum

Post navigation

Previous post
Next post
  • AWS (45)
    • Serverless (4)
  • Best (9)
  • DevOps (16)
  • Docker (10)
  • GCP (3)
  • Kubernetes (3)
  • Linux (13)
  • Uncategorized (6)

Recent Posts

  • Automating AWS CloudWatch Log Group Tagging with Python and Boto3
  • Automating AWS ECR Tagging with Python and Boto3
  • Automating ECR Image Cleanup with Bash
  • Update ECR Repositories with Bash Script
  • Why Automated Tests Are Essential in Your CI/CD Pipeline and Development Flow
  • Streamline Your AWS ECR Management with This Powerful Bash Script
  • Setting up DKIM for Google Workspace (Gmail) using Terraform and AWS Route 53
  • Automate AWS Site-to-Site VPN Monitoring
  • Optimizing Docker Images: Tips for Reducing Image Size and Build Time
  • Monitoring EC2 Disk Space with a Simple Bash Script and Slack Alerts
  • Securing Docker Containers: Best Practices for Container Security
  • Mastering Dockerfile: Writing Efficient, Scalable Container Builds
  • Migrating a Git Repository from GitLab to GitHub with GPG-Signed Commits
  • Accessing AWS Services in Private Subnets Without 0.0.0.0/0
  • Understanding AWS Regions, Availability Zones, and VPCs: A Comprehensive Guide
©2025 Ercan Ermis | WordPress Theme by SuperbThemes