1. Create Private Key
# openssl genrsa -des3 -out /etc/gitlab/ssl/gitlab.domain.com.key 2048
2. Create Certificate Request
# openssl req -nodes -newkey rsa:2048 -keyout gitlab.domain.com.key -out gitlab.domain.com.csr
Enter Country Name US
Enter State or Province Full Name
Enter City Name
Enter Organization Name
Enter Company Name
Enter Organizational Unit Name
Enter server hostname i.e. URL gitlab.domain.com
Enter Admin Email Address
Skip Challenge Password (Hit Enter)
Skip Optional Company Name (Hit Enter)
3. Remove Pass Phrase from Private Key
# cp -v /etc/gitlab/ssl/gitlab.domain.com.{key,original}
# openssl rsa -in /etc/gitlab/ssl/gitlab.domain.com.original -out /etc/gitlab/ssl/gitlab.domain.com.key
# rm -v /etc/gitlab/ssl/gitlab.domain.com.original
4. Create Certificate
# openssl x509 -req -days 1460 -in /etc/gitlab/ssl/gitlab.domain.com.csr -signkey /etc/gitlab/ssl/gitlab.domain.com.key -out /etc/gitlab/ssl/gitlab.domain.com.crt
5. Remove Certificate Request File
# rm -v /etc/gitlab/ssl/gitlab.domain.com.csr
6. Set file permissions
# chmod 600 /etc/gitlab/ssl/gitlab.domain.com.*
No comments:
Post a Comment