Getting x509: certificate signed by unknown authority
We use custom CA
Mounting it as suggested here:
and here
IMHO documents are not completely clear and ambiguous. In my case hostname.crt
contains only my custom CA. Should it work?
No luck.
ls -la /home/gitlab-runner/.gitlab-runner/certs/
lrwxrwxrwx 1 root root 19 Sep 13 15:53 hostname.crt -> ..data/hostname.crt
[31;1mERROR: Registering runner... failed [0;m [31;1mrunner[0;m=4waUKyTq [31;1mstatus[0;m=couldn't execute POST against https://git.com/api/v4/runners: Post https://git.com/api/v4/runners: x509: certificate signed by unknown authority
[31;1mPANIC: Failed to register this runner. Perhaps you are having network problems[0;m
Registration attempt 30 of 30
For example if my git is git.com
I was trying to mount /home/gitlab-runner/.gitlab-runner/certs/git.com.crt
with CA only. Did not work either.
Workaround
Set the path of the certificate to the CI_SERVER_TLS_CA_FILE
variable.
envVars:
- name: CI_SERVER_TLS_CA_FILE
value: /home/gitlab-runner/.gitlab-runner/certs/git.nonprod.mycorp.plc.crt
Edited by Steve Xuereb