I’ve set up gitlab on a virtualmin server and I want to add a LetsEncrypt SSL cert so I can access it via HTTPS without warnings.
I created a “sub-server” git.mydomain.com to keep it separate from my primary domain (which also has an SSL cert installed), and added a LetsEncrypt certificate for git.mydomain.com successfully through the interface, but it’s not securing port 8180 where I have gitlab running.
Does anyone know how I can configure the LetsEncrypt cert to work for port 8180?
What’s the exact error?
What’s the setting for current SSL certificate for the sub-server?
What’s in the apache conf file for the sub-server?
Thanks for the reply. I should have mentioned, the main website uses Apache which gitlab is using nginx on port 8180.
There’s no error as such - The 8180 port is simply not secure when I load it in a browser (the cert is not loaded).
The settings on the SSL tab in Virtualmin look as they do when a letsencrypt cert is installed. It shows letsencrypt as the cert provider and shows paths to the certs. The cert is working fine on the sub-server on port 80 from what I can tell.
The VirtualHost looks just as you would expect:
SuexecUserGroup “#1075” “#1051”
ServerName git.mydomain.com
ServerAlias www.git.mydomain.com
ServerAlias mail.git.mydomain.com
ServerAlias webmail.git.mydomain.com
ServerAlias admin.git.mydomain.com
DocumentRoot /home/myuser/domains/git.mydomain.com/public_html
ErrorLog /var/log/virtualmin/git.mydomain.com_error_log
CustomLog /var/log/virtualmin/git.mydomain.com_access_log combined
ScriptAlias /cgi-bin/ /home/myuser/domains/git.mydomain.com/cgi-bin/
DirectoryIndex index.html index.htm index.php index.php4 index.php5
<Directory /home/myuser/domains/git.mydomain.com/public_html>
Options -Indexes +IncludesNOEXEC +SymLinksIfOwnerMatch
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
<Directory /home/myuser/domains/git.mydomain.com/cgi-bin>
allow from all
AllowOverride All Options=ExecCGI,Includes,IncludesNOEXEC,Indexes,MultiViews,SymLinksIfOwnerMatch
Require all granted
RewriteEngine on
RewriteCond %{HTTP_HOST} =webmail.git.mydomain.com
RewriteRule ^(.) https://git.mydomain.com:20000/ [R]
RewriteCond %{HTTP_HOST} =admin.git.mydomain.com
RewriteRule ^(.) https://git.mydomain.com:10000/ [R]
RemoveHandler .php
RemoveHandler .php7.2
RemoveHandler .php7.2
php_admin_value engine Off
<FilesMatch .php$>
SetHandler proxy:fcgi://localhost:8006
SSLEngine on
SSLCertificateFile /home/myuser/domains/git.mydomain.com/ssl.cert
SSLCertificateKeyFile /home/myuser/domains/git.mydomain.com/ssl.key
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLCACertificateFile /home/myuser/domains/git.mydomain.com/ssl.ca
I have no expirience with nginx, is it possible you have to setup nginx to serve the SSL cert?
You might be right. I’m not sure how to do that but I’ll do some research and report back!
I couldnt get ngnix working with the SSL cert so I configured gitlab to use apache rather than ngnix. I had to make a few manual tweaks to the apache VirtualHost for git.mydomain.com but as soon as I saved, everything sprang into life! Thanks for the help