Error when registering a runner with self-signed certificate

Gitlab issue created here. Posting on this forum as well to get quicker support.

I’m having issues when trying to register a Gitlab Runner with self signed certificate, and the steps highlighted on this issue did not solve it for me.

When executing this command:

sudo docker run -it --rm \
  -v /srv/gitlab-runner/config.toml:/etc/gitlab-runner/config.toml \
  gitlab/gitlab-runner:alpine \
    register \
    --tls-ca-file=/etc/gitlab-runner/certs/ca-certificates.crt \
    --executor docker \
    --non-interactive \
    --registration-token XXXX \
    --docker-image docker:18-dind \
    --url https://git.XXXX/ \
    --docker-volumes /var/run/docker.sock:/var/run/docker.sock
  • /etc/gitlab-runner/certs/ca-certificates.crt is present in the docker container.

I get the following error:

ERROR: Registering runner... failed                 runner=X____G status=couldn't execute POST against Post x509: certificate signed by unknown authority
PANIC: Failed to register this runner. Perhaps you are having network problems

Using curl (from the gitlab runner host, not container) to test the certificate, works:

openssl s_client -CAfile /srv/gitlab-runner/certs/ca-certificates.crt -connect

The file /srv/gitlab-runner/certs/ca-certificates.crt is already in PEM format, as follows:


Also tried to export the certificate directly from the browser as a pem file, no luck… same error.

What am I missing, please? Thanks in advance!


Installed openssl in the docker container, and ran:
openssl s_client -connect git.XXX:443

It works! So, that proves that the certificate has been loaded in the OS.

Okay… so apparently connecting to the docker container sudo docker exec -it gitlab-runner /bin/bash and running gitlab-runner register directly there, worked! Go figure?