I am having an issue with getting an SSL cert to work correctly with Gitlab. We have a certificate issues from DigiCert that requires an Intermediate CA. I have concatenated the intermediate certification along the the root CA cert into a single file which I have then placed into the /etc/gitlab/trsuted-certs folder. I then gitlab reconfigure and restart successfully, but when the https://mysite.mydomin.com page is brought up, the certificate is shown as invalid and the certificate path just shows the server cert, but not the Intermediate and root CA. What am I doing incorrectly here? Thanks you for your time.
Hello, trust-certs is a directory where you put new root-CA certificates GitLab should trust when acting as client, i.e. when you have an internal bugtracker with a SSL certificate from a company CA and you want GitLab commits to show up as comment in bug tickets.
You may store your public key with the intermediate concatenated anywhere.
E.g. use /etc/ssl/private/myinstance.crt and /etc/ssl/private/myinstance.key
Edit gitlab.rb, point to these files and call gitlab-ctl reconfigure.
One caveat: look at your concatenated crt. The end line of your certificate with the dashes and the start line of the intermediate with the dashes MUST be separated with a line feed.
Then edit /etc/gitlab.rb and look for the