How to use Let's Encrypt / Certbot for Gitlab 13.4.4 hosted in EC2 Ubuntu 16.4.7

Hi All,

We have a Gitlab 13.4.4 hosted in EC2 Ubuntu 16.04.7 and I’m trying to use Lets Encrypt to certify our Gitlab to use https.

Need assistance in using certbot as it asks for web root for our domain, and I don’t know where to find it

Regards,

Heya,

I would suggest that you check out the documentation for web root related to let’s encrypt which can be seen here but i will quote this part:

The webroot plugin works by creating a temporary file for each of your 
requested domains in ${webroot-path}/.well-known/acme-challenge.

Then the Let’s Encrypt validation server makes HTTP 
requests to validate that the DNS for each requested domain resolves to the server running certbot.

Basically it doesn’t really matter for certbot where your actual webroot really resides as long it’s served under domain you’re trying to obtain certificates for. For example you can set the path for your web root to be var/www/html or it can even be randomfolder. I use personally /root path to store certificates for a group of servers.So it’s more of a personal reference.

Hi @johnpaz, welcome to the GitLab Community Forum! :tada:

@alhemicar is right about web root and letsencrypt, but I think you can achieve the same goal with less hassle if you use the GitLab LetsEncrypt Integration.

Basically, set A record in DNS to point to your EC2 Ubuntu Server’s public IP address, set your external_url to use HTTPS, and GitLab will request, obtain, apply, and auto-renew a LetsEncrypt SSL certificate to secure your instance.

external_url "https://yourgitlab.com"   

Followed by a sudo gitlab-ctl reconfigure for those changes to take effect and to get your LetsEncrypt certificate set up.

Best of luck, let us know how it goes!

1 Like