Skip to content

Fix custom root CA issues

Ben Bodenmiller requested to merge bbodenmiller/omnibus-gitlab:custom-root-ca-fixes into master

Originally implemented in !827 (merged)

  • Fixes #1370 (closed) - set correct permissions on /etc/gitlab/ssl so files from trusted-certs directory can be read
  • Fixes #1378 (closed) - follow symlinks in /opt/gitlab/embedded/ssl/certs to real certificate and copy certificate to /etc/gitlab/ssl/trusted-certs
  • Fixes #1379 (closed) - don't move /opt/gitlab/embedded/ssl/certs/cacert.pem even if symlink points to it
  • Cleanup confusing symlinks left in /etc/gitlab/ssl/trusted-certs by c_rehash
  • Improve logging

Merge request reports