Fix nginx sni (!286) · Merge requests · GitLab.org / omnibus-gitlab

The source project of this merge request has been removed.

Flávio J. Saraiva requested to merge (removed):fix_nginx_sni into master Feb 25, 2015

Without ssl in the listen directive, it will use the gitlab https certificate when you try to access the gitlab-ci https site.

How to reproduce (sample):

in gitlab.rb:

external_url "https://gitlab.sample.domain"
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab.sample.domain.chained.crt"
nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab.sample.domain.domain.key"

ci_external_url "https://gitlab-ci.sample.domain"
ci_nginx['redirect_http_to_https'] = true
ci_nginx['ssl_certificate'] = "/etc/gitlab/ssl/gitlab-ci.sample.domain.chained.crt"
ci_nginx['ssl_certificate_key'] = "/etc/gitlab/ssl/gitlab-ci.sample.domain.key"

to view the error point a https enabled client (browser/wget/curl/...) to the gitlab-ci address or execute openssl s_client -showcerts -connect gitlab-ci.sample.domain:443

Fix nginx sni

Merge request reports