I'm using a docker gitlab/gitlab-ce:12.7.2-ce.0 image to run a GitLab. I'm trying to use a built-in container registry feature. Documentation sais: "If you are using the Omnibus GitLab built in Let’s Encrypt integration, as of GitLab 12.5, the Container Registry will be automatically enabled on port 5050 of the default domain.". Is it possible to configure GitLab builtin container registry with self-signed certs?
Asked
Active
Viewed 1,466 times
0
-
I'm not sure of your actual question: are you using let's encrypt for gitlab and you want to use a different self signed cert for container registry ? Or are you using a self signed cert for gitlab and you want to know if it will prevent your from using the container registry ? In any case, I'm not sure you have read this: https://docs.gitlab.com/ee/administration/packages/container_registry.html#container-registry-domain-configuration – Zeitounator Feb 01 '20 at 23:39
-
Answering your question: I can not use Let's Encrypt, because my GitLab server is in a local domain. I need to use certs generated by my local PKI. – bartbak Feb 02 '20 at 20:04
1 Answers
0
After a few tests, the configuration presented in the https://docs.gitlab.com/ee/administration/packages/container_registry.html turned out to be correct. In addition, I placed the entire CA certificate path in /etc/gitlab/trusted-certs (in PEM format) so that when the GitLab container starts, the appropriate symlinks appear in the /opt/gitlab/embedded/ssl/certs directory.
bartbak
- 15
- 8