Difference between revisions of "CentOS 7.x gitlab lets encrypt certificate renewal"

From Notes_Wiki
(Created page with "<yambe:breadcrumb self="gitlab lets encrypt certificate renewal">CentOS 7.x gitlab|gitlab</yambe:breadcrumb> =CentOS 7.x gitlab lets encrypt certificate renewal= o renew gitl...")
 
m
 
Line 1: Line 1:
<yambe:breadcrumb self="gitlab lets encrypt certificate renewal">CentOS 7.x gitlab|gitlab</yambe:breadcrumb>
[[Main Page|Home]] > [[CentOS]] > [[CentOS 7.x]] > [[CentOS 7.x DevOps|DevOps]] > [[CentOS 7.x version control|Version Control]] > [[CentOS 7.x gitlab|gitlab]] > [[CentOS 7.x gitlab lets encrypt certificate renewal]]
=CentOS 7.x gitlab lets encrypt certificate renewal=


o renew gitlab certificates from lets encrypt use:
To renew gitlab certificates from lets encrypt use:
# Open /etc/gitlab/gitlab.rb and set following values:
# Open /etc/gitlab/gitlab.rb and set following values:
#:<pre>
#:<pre>
Line 51: Line 50:




<yambe:breadcrumb self="gitlab lets encrypt certificate renewal">CentOS 7.x gitlab|gitlab</yambe:breadcrumb>
[[Main Page|Home]] > [[CentOS]] > [[CentOS 7.x]] > [[CentOS 7.x DevOps|DevOps]] > [[CentOS 7.x version control|Version Control]] > [[CentOS 7.x gitlab|gitlab]] > [[CentOS 7.x gitlab lets encrypt certificate renewal]]

Latest revision as of 15:23, 28 August 2022

Home > CentOS > CentOS 7.x > DevOps > Version Control > gitlab > CentOS 7.x gitlab lets encrypt certificate renewal

To renew gitlab certificates from lets encrypt use:

  1. Open /etc/gitlab/gitlab.rb and set following values: 
    letsencrypt['enable'] = true                      # GitLab 10.5 and 10.6 require this option
    

    letsencrypt['contact_emails'] = ['foo@email.com'] # Optional
    

    

    letsencrypt['auto_renew'] = false
    

    letsencrypt['auto_renew_hour'] = "12"
    

    letsencrypt['auto_renew_minute'] = "30"
  2. Then run either of the below to renew: 
    sudo gitlab-ctl reconfigure
    OR 
    sudo gitlab-ctl renew-le-certs

Refer:


Acme::Client::Error::Malformed issue

If certificate renewal fails with error similar to: 

   Acme::Client::Error::Malformed
   ------------------------------
   acme_certificate[staging] (/opt/gitlab/embedded/cookbooks/cache/cookbooks/letsencrypt/resources/certificate.rb line 25) had an error: Acme::Client::Error::Malformed: Method not allowed

Then edit /opt/gitlab/embedded/cookbooks/letsencrypt/resources/certificate.rb and comment below set of lines: 

   acme_certificate 'staging' do
   [...]
   end

Then try: 

   sudo gitlab-ctl renew-le-certs

Refer:


Home > CentOS > CentOS 7.x > DevOps > Version Control > gitlab > CentOS 7.x gitlab lets encrypt certificate renewal

Retrieved from "http://www.sbarjatiya.com/notes_wiki/index.php?title=CentOS_7.x_gitlab_lets_encrypt_certificate_renewal&oldid=7253"