1 like
·
3.2K reads
2 comments
·Mar 19, 2023
Mar 19, 2023
Hello, thank you for this article. I had created cert by command: sudo openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -sha256 -keyout /etc/ssl/private/nginx-selfsigned-gitlab.key -out /etc/ssl/certs/nginx-selfsigned-gitlab.crt -subj "/C=US/ST=NY/L=NY/O=GL/OU=GL/CN=gitlab.site" -addext "subjectAltName = DNS:gitlab.site" So I just copy and rename it to ca.crt. I dont understand why I need create 2 cert for this (ca.crt and gitlab.crt)?
·
·1 reply
Author
·Apr 20, 2023
The "ca.crt" in my guide is part of the signing chain.
You renamed your "nginx-selfsigned-gitlab.crt" to "ca.crt"? If that's the case I think this is the 'intermediate' chain cert you need to cp to your gitlab runner. The part "cp ca.crt /srv/gitlab-runner/ssl/" in my guide.
·