Fix custom root CA issues
Originally implemented in !827 (merged)
- Fixes #1370 (closed) - set correct permissions on
/etc/gitlab/ssl
so files fromtrusted-certs
directory can be read - Fixes #1378 (closed) - follow symlinks in
/opt/gitlab/embedded/ssl/certs
to real certificate and copy certificate to/etc/gitlab/ssl/trusted-certs
- Fixes #1379 (closed) - don't move
/opt/gitlab/embedded/ssl/certs/cacert.pem
even if symlink points to it - Cleanup confusing symlinks left in
/etc/gitlab/ssl/trusted-certs
byc_rehash
- Improve logging