Use Gitlab with SSL on DigitalOcean

October 8, 2019 70 views
Let's Encrypt DigitalOcean Git

Hi everyone,

I’d like to setup my own Gitlab EE server with the prebuilt app from Digital Ocean served with HTTPS. The application works but I can’t get it to use the Let’s Encrypt certificate created in the DigitalOcean Security section.

The used certificate is apparently signed by me and therefore triggers a “The connection to this website isn’t secure” on the browser.

My configuration on Gitlab is the following:

nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/git.domain.tld.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/git.domain.tld.key"
external_url "https://git.domain.tld"

Do you see what I’m doing wrong here?

1 Answer

Hello,

With a self-signed SSL you would always be getting a warning. What I would suggest instead is using Let’s Encrypt. As the GitLab one-click installation uses Nginx, here’s how you could install Let’s Encrypt for Nginx:

https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04

Hope that this helps!
Regards,
Bobby

by Mitchell Anicas
In this tutorial, we will show you how to use Let's Encrypt to obtain a free SSL certificate and use it with Nginx on Ubuntu 16.04. We will also show you how to automatically renew your SSL certificate. If you're running a different web server, simply follow your web server's documentation to learn how to use the certificate with your setup.
Have another answer? Share your knowledge.