Difference between revisions of "CentOS 7.x gitlab lets encrypt certificate renewal"
From Notes_Wiki
(Created page with "<yambe:breadcrumb self="gitlab lets encrypt certificate renewal">CentOS 7.x gitlab|gitlab</yambe:breadcrumb> =CentOS 7.x gitlab lets encrypt certificate renewal= o renew gitl...") |
m |
||
Line 1: | Line 1: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 7.x]] > [[CentOS 7.x DevOps|DevOps]] > [[CentOS 7.x version control|Version Control]] > [[CentOS 7.x gitlab|gitlab]] > [[CentOS 7.x gitlab lets encrypt certificate renewal]] | |||
To renew gitlab certificates from lets encrypt use: | |||
# Open /etc/gitlab/gitlab.rb and set following values: | # Open /etc/gitlab/gitlab.rb and set following values: | ||
#:<pre> | #:<pre> | ||
Line 51: | Line 50: | ||
[[Main Page|Home]] > [[CentOS]] > [[CentOS 7.x]] > [[CentOS 7.x DevOps|DevOps]] > [[CentOS 7.x version control|Version Control]] > [[CentOS 7.x gitlab|gitlab]] > [[CentOS 7.x gitlab lets encrypt certificate renewal]] |
Latest revision as of 15:23, 28 August 2022
Home > CentOS > CentOS 7.x > DevOps > Version Control > gitlab > CentOS 7.x gitlab lets encrypt certificate renewal
To renew gitlab certificates from lets encrypt use:
- Open /etc/gitlab/gitlab.rb and set following values:
- letsencrypt['enable'] = true # GitLab 10.5 and 10.6 require this option
- letsencrypt['contact_emails'] = ['foo@email.com'] # Optional
- letsencrypt['auto_renew'] = false
- letsencrypt['auto_renew_hour'] = "12"
- letsencrypt['auto_renew_minute'] = "30"
- Then run either of the below to renew:
- sudo gitlab-ctl reconfigure
- OR
- sudo gitlab-ctl renew-le-certs
Refer:
Acme::Client::Error::Malformed issue
If certificate renewal fails with error similar to:
Acme::Client::Error::Malformed ------------------------------ acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 25) had an error: Acme::Client::Error::Malformed: Method not allowed
Then edit /opt/gitlab/embedded/cookbooks/letsencrypt/resources/certificate.rb and comment below set of lines:
acme_certificate 'staging' do [...] end
Then try:
sudo gitlab-ctl renew-le-certs
Refer:
Home > CentOS > CentOS 7.x > DevOps > Version Control > gitlab > CentOS 7.x gitlab lets encrypt certificate renewal