Provided TLS certificate not being used for custom domain
Description of the problem
I have a static site published using Pages at a custom domain:
http://persuasiongame.codesimple.net/persuasion/
but, after obtaining and adding a TLS certificate generated with Let's Encrypt, when I visit https://persuasiongame.codesimple.net/persuasion/ it still uses the *.gitlab.io certificate rather than the one I uploaded.
The certificate appears to have been accepted by the Pages custom domain settings which show:
Certificate: /CN=persuasiongame.codesimple.net
next to the custom domain.
Clicking on the "Details" button displays my certificate details as expected.
Any ideas why the certificate isn't getting used?
Which Group/Project (with full path) is experiencing the issue?
/codesimple/persuasion-game
Approximate date/time when the error occurred.
From Aug 17th 2016 ongoing
-
I eventually worked out why this wasn't working...
It turns out that the private key that Let's Encrypt generates and stores in
privkey.pemis an RSA key inPKCS#8format (with header-----BEGIN PRIVATE KEY-----) but GitLab appears to require the key inPKCS#1format (with header-----BEGIN RSA PRIVATE KEY-----).So, rather than pasting the contents of
privkey.peminto the GitLabKey (PEM)field, you need to convert the key toPKCS#1and paste that in:sudo openssl rsa -in letsencrypt/live/persuasiongame.codesimple.net/privkey.pem -
Status changed to closed
Toggle commit list -
@maport Ahh, how did figure that out? I kept getting "Certificate misses intermediates" when adding a certificate generated by Cloudflare.
