Question

How to set up Gitlab with SSL Correctly?

Posted September 9, 2017 40.8k views
Git DigitalOcean Articles Ubuntu 16.04

Hello, so I followed this guide here to set up Gitlab here.

The problem comes with setting up SSL. You see, I followed this guide here to generate an SSL certificate which worked when I was setting up NextCloud.

Thing is, majority of the guides tell me how to set up Gitlab with Lets Encrypt (such as here) when I want to set up a self-signed SSL (which I did in that guide).

The thing is, the files I get when making the self-signed certificates (apache-selfsigned.key, apache-selfsigned.crt, dhparam.pem) are not the same of the ones I need (cert.pem, chain.pem, fullchain.pem, privkey.pem)

Anyone can helo me setup Gitlab using a self-signed ceritificate? I can make another self-signed certificate if needed

Add a comment
sailer403
By:
sailer403
Add a comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

2 answers
Aprexer September 9, 2017
How To Secure GitLab with Let's Encrypt on Ubuntu 16.04
by Justin Ellingwood
GitLab, specifically GitLab CE (Community Edition), is an open source application primarily used to host Git repositories, with additional development-related features like issue tracking. The GitLab project makes it relatively straight forward to set up a GitLab instance on...
Reply Report
kamaln7 September 11, 2017

Hi @sailer403, looking at your pastebin, you need to set the following settings:

nginx['ssl_certificate'] = "/path/to/apache-selfsigned.crt"
nginx['ssl_certificate_key'] = "/path/to/apache-selfsigned.key"

# a few lines later

nginx['ssl_dhparam'] = "/path/to/dhparam.pem"

Since your certificate is self signed, you do not need to build a chain of trust (CA <- intermediate CA certificate if one exists <- your certificate). You can just use your own cert by itself. Restart gitlab after editing the config and you should be all set!

Reply Report
Submit an Answer

Related

Looking for something else?

Ask a new question Search for more help