Yum proxy to the following location:
https://rhui2-cds01.eu-west-1.aws.ce.redhat.com/pulp/repos/content/dist/rhel/rhui/server/7/
The following steps have been followed
https://help.sonatype.com/repomanager3/formats/yum-repositories/proxying-rhel-yum-repositories
The Nexus logs show that it is failing due to 401 Authorization Required
2020-04-15 13:20:40,979+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 >> GET /pulp/repos/content/dist/rhel/rhui/server/7/7Server/x86_64/os/repodata/repomd.xml HTTP/1.1
2020-04-15 13:20:40,979+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 >> Host: rhui2-cds01.eu-west-1.aws.ce.redhat.com
2020-04-15 13:20:40,980+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 >> Connection: Keep-Alive
2020-04-15 13:20:40,980+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 >> User-Agent: Nexus/3.22.0-02 (OSS; Linux; 3.10.0-1062.9.1.el7.x86_64; amd64; 1.8.0_221)
2020-04-15 13:20:40,980+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 >> Accept-Encoding: gzip,deflate
2020-04-15 13:20:41,011+0100 DEBUG [qtp1853380911-48] UNKNOWN org.apache.http.headers - http-outgoing-1 << HTTP/1.1 *401 Authorization Required
2020-04-15 13:20:41,011+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 << Date: Wed, 15 Apr 2020 12:20:40 GMT
2020-04-15 13:20:41,011+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 << Server: Apache/2.2.15 (Red Hat)
2020-04-15 13:20:41,012+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 << WWW-Authenticate: Basic realm="Pulp"
2020-04-15 13:20:41,012+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 << Content-Length: 508
2020-04-15 13:20:41,012+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 << Connection: close
2020-04-15 13:20:41,012+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.headers - http-outgoing-1 << Content-Type: text/html; charset=iso-8859-1
2020-04-15 13:20:41,013+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.auth.HttpAuthenticator - Authentication required
2020-04-15 13:20:41,013+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.auth.HttpAuthenticator - rhui2-cds01.eu-west-1.aws.ce.redhat.com:443 requested authentication
2020-04-15 13:20:41,014+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.client.TargetAuthenticationStrategy - Authentication schemes in the order of preference: [Negotiate, Kerberos, NTLM, CredSSP, Digest, Basic]
2020-04-15 13:20:41,014+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.client.TargetAuthenticationStrategy - Challenge for Negotiate authentication scheme not available
2020-04-15 13:20:41,015+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.client.TargetAuthenticationStrategy - Challenge for Kerberos authentication scheme not available
2020-04-15 13:20:41,015+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.client.TargetAuthenticationStrategy - Challenge for NTLM authentication scheme not available
2020-04-15 13:20:41,015+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.client.TargetAuthenticationStrategy - Challenge for CredSSP authentication scheme not available
2020-04-15 13:20:41,016+0100 DEBUG [qtp1853380911-48] *UNKNOWN org.apache.http.impl.client.TargetAuthenticationStrategy - Challenge for Digest authentication scheme not available
2020-04-15 13:20:41,022+0100 INFO [qtp1853380911-48] *UNKNOWN org.sonatype.nexus.repository.httpclient.internal.HttpClientFacetImpl - Repository status for rhel-rhui changed from READY to AUTO_BLOCKED_UNAVAILABLE until 2020-04-15T13:21:21.021+01:00 - reason Unauthorized for https://rhui2-cds01.eu-west-1.aws.ce.redhat.com
Customer is able to authenticate successfully using this URL and the certs we have used in the key store via yum directly without passing any username/password.