Yes, first you need to combine the crt and bundle like my previous post, and put it in /etc/gitlab/ssl directory. The key also. They must be the name of the host, so git.ad.cuaerospace.com.crt and git.ad.cuaerospace.com.key
Then just reconfigure gitlab after that and all done.
iwalker, I was told that the last steps were key to the solution and it is working properly but thread owner ran out of replies for the day lol wanted to make sure you knew he was thankful
I could have probably been a bit more clear that the file extension could be different 
I generally generate my CSR’s from the console, so I always end up naming the file .key instead of .pem like you will pretty much always get when you purchase a certficate somewhere. Anyway, as I hear it’s all working for you so well done 
Ian, you’re my hero.
What I’ve got here is success and I’ve got you to thank for it. Thank you very much, and have a great weekend!
(the above is what I tried to post Friday afternoon right before learning of the first-day 19-post limit, lol)
Thank you again, Ian. I’d have preferred to have figured out a self-signed solution, but at $0.50/mo, arguably the CA-authority solution was correct in the end!