Include OS's trusted certs for embedded OpenSSL

Problem to solve

Currently GitLab-Omnibus includes its own library of OpenSSL and links all compiled programs (e.g. Ruby, PostgreSQL, etc.) against this library. This library is compiled to look for certificates in /opt/gitlab/embedded/ssl/certs.

Certificates trusted by OS are not trusted by default, which forces a user to place the certificates in /etc/gitlab/trusted-certs/ and to have a perl interpreter installed in order to symlink the certificates to /opt/gitlab/embedded/ssl/certs.

Intended users

System Administrators

• Sidney (Systems Administrator)

Further details

Any issues relates to symlinking will be circumvented since the certificates can be copied over from the OS trusted certificates.

Links / references

ZD#134398 (GitLab Internal)