generalgitlab-ee

Enable HTTPS support with NGINX

NOTE: The steps below assume that you are using a custom domain name and that you have already configured the custom domain name to point to your cloud server.

Bitnami images come with SSL support already pre-configured and with a dummy certificate in place. Although this dummy certificate is fine for testing and development purposes, you will usually want to use a valid SSL certificate for production use. You can either generate this on your own (explained here) or you can purchase one from a commercial certificate authority.

Once you obtain the certificate and certificate key files, you will need to update your server to use them. Follow these steps to activate SSL support:

  • Use the table below to identify the correct locations for your certificate and configuration files.

    Variable Value
    Current application URL https://[custom-domain]/
    Example: https://my-domain.com/ or https://my-domain.com/appname
    Gitlab configuration file /etc/gitlab/gitlab.rb
    Certificate file /etc/gitlab/ssl/server.crt
    Certificate key file /etc/gitlab/ssl/server.key
  • Copy your SSL certificate and certificate key file to the specified locations.

  • Once you have copied all the server certificate files, you may make them readable by the root user only with the following commands:

      $ sudo chown root:root /etc/gitlab/ssl/
      $ sudo chmod 600 /etc/gitlab/ssl/
    
  • Run the following command to have the activation take effect:

      $ sudo gitlab-ctl reconfigure
    
  • Open port 443 in the server firewall. Refer to the FAQ for more information.

You should now be able to access your application using an HTTPS URL.

Find more information about certificates at the GitLab official documentation.

Last modification December 21, 2022