If I use an internal ACME provider in my intranet (i.e. StepCA). How could I change the URI from letsencrypt to the local one? Is there a property I could change?
If there is an option, please add it to the documentation
Hi, there isnβt an option for it as far as I can see.
If you want to use alternative certificates, then you can just create /etc/gitlab/ssl
directory and then put your StepCA certficate and key in here ensuring that the cert file is the full chain. The name of the certificate should be the FQDN of your host, so if we assume gitlab.example.com
as the gitlab server, then in /etc/gitlab/ssl
you should have gitlab.example.com.crt
and gitlab.example.com.key
.
Then it will do everything that you want to do without using LetsEncrypt. I did similar when using LetsEncrypt integrated with ejabberd, so you can just script it all out with the step-ca CLI tool to generate, and then put the certificates in the directory I mentioned above with the appropriate filename matching your gitlab FQDN.
Thanks, this is the actual way i solve this problem. It would be nice if i could change the acme uri, because I want to remove all unnecessary manual tasks. I will raise a feature request.