<!--IssueSummary start--> <details> <summary> Everyone can contribute. [Help move this issue forward](https://handbook.gitlab.com/handbook/marketing/developer-relations/contributor-success/community-contributors-workflows/#contributor-links) while earning points, leveling up and collecting rewards. </summary> - [Close this issue](https://contributors.gitlab.com/manage-issue?action=close&projectId=278964&issueIid=29109) </details> <!--IssueSummary end--> ## Problem to solve Git supports using certificates for authentication over HTTP. GitLab already supports using certificates for authentication over SSH, but HTTPS is preferred in certain situations, and some situations require it like Git LFS. ## Intended users All users ## Further details A customer that was on CE modified their source code to do this. It doesn't appear that the application supports this currently. They want the base version to have this so they don't have to merge custom code in every release. Even though we generally encourage people to use SSH keys, there are cases where HTTPS is easier for some people to set up. (Certain editors come to mind here.) There's also cases where HTTPS is required, [like LFS](https://docs.gitlab.com/ee/workflow/lfs/manage_large_binaries_with_git_lfs.html#how-it-works). Epic https://gitlab.com/groups/gitlab-org/-/epics/11872+ will allow for LFS over SSH. ## Proposal Implement support for using certificates for Git over HTTPS authentication. ## Permissions and Security <!-- What permissions are required to perform the described actions? Are they consistent with the existing permissions as documented for users, groups, and projects as appropriate? Is the proposed behavior consistent between the UI, API, and other access methods (e.g. email replies)? --> ## Documentation <!-- See the Feature Change Documentation Workflow https://docs.gitlab.com/ee/development/documentation/feature-change-workflow.html Add all known Documentation Requirements here, per https://docs.gitlab.com/ee/development/documentation/feature-change-workflow.html#documentation-requirements --> Similar to https://docs.gitlab.com/ee/administration/operations/ssh_certificates.html ## Testing <!-- What risks does this change pose? How might it affect the quality of the product? What additional test coverage or changes to tests will be needed? Will it require cross-browser testing? See the test engineering process for further guidelines: https://about.gitlab.com/handbook/engineering/quality/guidelines/test-engineering/ --> ## Links / references - [Git supports using client certs for authentication](https://stackoverflow.com/questions/28878549/how-to-configure-git-https-client-certificate-authentication-in-eclipse-using-eg). ## Customers * https://gitlab.my.salesforce.com/0016100001AluZM * https://gitlab.my.salesforce.com/00161000011y6Ia * https://gitlab.my.salesforce.com/0016100001fNln0