Self signed certificate SSL Error using self hosted GitLab

0
votes

I have a hosted Git repo on my company intranet. I can clone, pull, push, etc successfully with command line Git by disabling sslverify. I know this is not ideal but I have no control over our certificate or IT infrastructure so it is what it is.

I paid for GitLab EE, setup the omnibus package and I'm trying to clone the repo via https. However I get an error that it cannot verify the SSL certificate. This is not entirely unexpected but I cannot figure out how to bypass the ssl verification with GitLab EE. In the http settings I set self verified to true and pointed it to my .pem in /etc/gitlab/ssl but I get the same error.

Can I just set sslverify to false like I did command line git?

2
sslhttpsgitlab
Are you trying to clone with git or are you using a external program which issues git commands?Fairy
GitLab apparently runs its own clone command that does not use the native Git.lazy8s
Wait. Are you trying to clone TO GitLab or FROM GitLab?Fairy
I have a Git repo hosted on the internal Git server. I'm trying to use GitLab as an interface for my team to manage issues and CI, etc. I stood up the Git repo with a Readme.txt and now I'm trying to point GitLab to is. I don't care about the clone at all. However in GitLab when I say create new project it asks where I am hosting the project. I say a self hosted Git and it asks for the link. I put in the link and GitLab issues a clone command.lazy8s
@lazy8s Is your problem solved ? Feel free to accept the best answer to close topic thksGGO

2 Answers

2
votes

Since GitLab fails to pull from a Repo because the certificate check failed, you can set git specific settings in your /etc/gitlab/gitlab.rb. There is a key called omnibus_gitconfig['system'] there your config should be something like:

omnibus_gitconfig['system'] = { "http" => ["sslVerify = false"]}

This is bad practice and you should use it with caution.

You could specify the domain to disable certificate checks for with:

omnibus_gitconfig['system'] = { "http \"https://example.com\"" => ["sslVerify = false"]}
0
votes

You can define it in omnibus configuration package like Fairy says. Or you can use int a git bash command :

git config --global sslVerify false

This will disable the HTTPS verification of current repository