Question

SSL on standard GitLab image

Hi,

I just started out with a GitLab Droplet based on the ready provide image available.

Everything is running pretty smooth except I seem to be unable to get SSL working. I am following the guide I found here: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/README.md

To setup https. It seems all goes well until I try to connect to my url at http: or https: after the updates have been made. I just get a failed to open page message.

I checked on the server with “nmap localhost” and indeed when I change the config url to https://mydomain.com/ instead of http://mydomain.com/ that both port 80 and port 443 are not open. As long as the config says http://mydomain.com/ port 80 opens fine and connections through http can be made without problems.

Could anyone point me in the right direction on what I should do to get ssl working?

Thanks in advance.

  • Mark

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi friend.

I have the same problem, until I read the official document here: https://gitlab.com/gitlab-org/omnibus-gitlab/blob/master/doc/settings/nginx.md

note the ‘https’ below

external_url “https://gitlab.example.com

If there line is http, gitlab will not use https at all, without any warning T_T…

I seem to have it working for the most part, but the gravatar images keep being loaded via http instead of https.

Hi, Is your certificate encrypted with passphrase? Check your nginx logs: /var/log/gitlab/nginx/* If you find something like this:

2014-07-31_10:21:02.65460 nginx: [emerg] SSL_CTX_use_PrivateKey_file("/etc/gitlab/ssl/gitlab.key") failed (SSL: error:0906406D:PEM routines:PEM_def_callba
ck:problems getting password error:0906A068:PEM routines:PEM_do_header:bad password read error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib)
2014-07-31_10:21:03.69148 Enter PEM pass phrase:

You can use this command to remove passphrase:

openssl rsa -in server.key.org -out server.key