Wednesday 20 July 2016

Trusted SSL_Certificate Authentication in Gitlab

Hi, I faced some issues with GitLab SSL authentication. I tried many ways to solve them but was unable to configure trusted SSL. Finally I found an easy way to solve this. The steps are below.

1. Configure the ssl cert and key path in gitlab.rb

Place the original certificate and key in /etc/gitlab/ssl/

and edit the GitLab config file with the following command:

vim /etc/gitlab/gitlab.rb

In that file, we need to set the location of the SSL certificate and key for nginx. After that, you need to make some changes in the nginx config file.

 nginx['ssl_certificate'] = "/etc/gitlab/ssl/ssl_certificate.crt"

 nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/ssl_certification.key"


vim /opt/gitlab/embedded/conf/nginx.conf

In that file, uncomment the HTTPS server block and modify it as shown below.

    # HTTPS server

    server {
        listen       443 ssl;
        server_name  gitlab.domain.com;

        #ssl_certificate      cert.pem;
        ssl_certificate      /etc/gitlab/ssl/ssl_certificate.crt;
        ssl_certificate_key  /etc/gitlab/ssl/ssl_certification.key;

        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;

        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;

        location / {
           root   html;
           index  index.html index.htm;
        }
    }

}

Copy the original certificate file to /etc/pki/ca-trust/source/anchors/

Only then will it authenticate with the GitLab nginx.

2. Passphrase authentication

If your certificate's key is protected by a passphrase, running gitlab-ctl reconfigure shows a bad password read error. If the key has no passphrase, there is no problem. If it has one, run the following command and point the config at the resulting file; it will then authenticate successfully.

openssl rsa -in original.key -out unencripted.key

then

gitlab-ctl reconfigure

gitlab-ctl restart
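
A pre-flight check to run before gitlab-ctl reconfigure, as an added example that is not part of the original post. It confirms that the key is no longer passphrase-protected, that it matches the certificate, and that the now-unencrypted key is not readable by group or others. The function names, exit codes and permission check are this example's own assumptions.

```sh
#!/bin/sh
# Added example: pre-flight check for the certificate and key named in gitlab.rb.
# Function names and exit codes are this example's own.

# True if the PEM key is passphrase-protected: traditional format
# ("Proc-Type: 4,ENCRYPTED") or PKCS#8 ("BEGIN ENCRYPTED PRIVATE KEY").
key_is_encrypted() {
    grep -Eq 'Proc-Type: 4,ENCRYPTED|BEGIN ENCRYPTED PRIVATE KEY' "$1" 2>/dev/null
}

# True if certificate $1 and private key $2 hold the same public key.
# The body runs in a subshell, so its variables stay local.
cert_matches_key() (
    cert_pub=$(openssl x509 -in "$1" -noout -pubkey 2>/dev/null) || exit 1
    key_pub=$(openssl pkey -in "$2" -pubout -passin pass: 2>/dev/null) || exit 1
    [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]
)

# True if the key file grants nothing to group or others. An unencrypted key
# is protected only by its file mode (assumption: plain Unix modes, no ACLs).
key_is_private() {
    [ "$(ls -l "$1" 2>/dev/null | cut -c5-10)" = "------" ]
}

# Run all checks on certificate $1 and key $2; non-zero status names the failure.
preflight() {
    if key_is_encrypted "$2"; then
        echo "FAIL: $2 has a passphrase (expect the bad password read error)" >&2
        return 2
    fi
    if ! cert_matches_key "$1" "$2"; then
        echo "FAIL: $1 and $2 do not hold the same public key" >&2
        return 3
    fi
    if ! key_is_private "$2"; then
        echo "FAIL: $2 is accessible to group or others; chmod 600 it" >&2
        return 4
    fi
    echo "OK: certificate and key are ready for gitlab-ctl reconfigure"
}

# Usage: sh preflight.sh <certificate> <key>
if [ "$#" -eq 2 ]; then
    preflight "$1" "$2"
fi
```

Pass it the two paths set in gitlab.rb; it only reads the files and changes nothing.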


Enjoy............
