Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Gitlab:Peer's Certificate issuer is not recognized

I get this error on a fresh install of gitlab. The message looks like:

fatal: unable to access 'https://gitlab-ci-
token:[email protected]/something.git/': Peer's 
Certificate issuer is not recognized.ERROR: Job 
failed: exit status 1

Any suggestions on how to fix it?

like image 770
qubsup Avatar asked Aug 10 '17 08:08

qubsup


2 Answers

Had faced the same problem after enabling verbose mode by following command export GIT_CURL_VERBOSE=1 and found the following issue:

NSS error -8179 (SEC_ERROR_UNKNOWN_ISSUER)

Found this following site helpful,But its good when you have entire control for the proxy server as well to enter the certificates.

http://dropbit.com/?p=168

I instead ran following command to bypass ssl verification by porxy server and it worked

git config --global http.sslVerify "false"
like image 129
Avinash Singh Avatar answered Nov 07 '22 21:11

Avinash Singh


You need to configure /etc/gitlab/gitlab.rb. Change this line

nginx['ssl_certificate'] = "/etc/gitlab/<your-local-path>/cert.pem"

to

nginx['ssl_certificate'] = "/etc/gitlab/<your-local-path>/fullchain.pem"

(Assuming, you already have nginx enabled and you have correctly issued certificates, e.g. from LetsEncrypt.)

then restart gitlab and you're done:

$ gitlab-ctl reconfigure

Why - cert.pem does not contain full certificate chain, thus ca chain cannot be verified. Replacing with fullchain.pem solves it.

like image 37
Miroslav Mocek Avatar answered Nov 07 '22 22:11

Miroslav Mocek