When I run a ‘gitlab-ctl reconfigure’ command on my GitLab CE 12.8.4 build, I receive the following error message:
There was an error running gitlab-ctl reconfigure:
letsencrypt_certificate[gitlab.redacted.org] (letsencrypt::http_authorization line 5) had an error: RuntimeError: acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 25) had an error: RuntimeError: ruby_block[create certificate for gitlab.redacted.org] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/acme/resources/certificate.rb line 108) had an error: RuntimeError: [gitlab.redacted.org] Validation failed, unable to request certificate
The issue isn’t with ‘redacted.org’ which is an example with the word redacted in-place of my true name, but rather with the LetsEncrypt certs that I generated from CertBot using the dns-01 challenge separate from GitLab. I have zero configuration settings in my gitlab.rb file for GitLab generating LetsEncrypt certs. I’m guessing for whatever reason, GitLab doesn’t like this. Issue seems to resolve itself after I wait for a few days once I copy the wildcard LetsEncrypt certs from my server with CertBot running to my server with GitLab installed. I don’t get it.