You have to replace the self-signed cert that GitLab installs with one that has a subject alt name field. Here’s a one-line recipe to make such a certificate on the machine hosting the GitLab instance:
replace “your-host.tld” with your FQDN host name everywhere, CC with your country code (e.g., US), etc. to customize the fields to your case. Then install the certificate and key in place of the original ones on the GitLab server and restart it.
On the runner, you may need to copy the cert file over and add it to the trusted store. Write back if the docs are unclear on how to do this.