Elastic Search integration with Gitlab

Question

I am working on integrating elasticsearch with gitlab. So, i have created one elasticsearch server and enabled https for it by using self signed certificates. when i tried to integrate with gitlab its giving me 500 error and below is the log i got.

Faraday::SSL::SSLError SSL_connect returned=1 errno=0 state=error: certificate verify failed (self signed certificate in certificate chain)

From this i think gitlab is unable to verify the certificate of elastic search. Is there a way to disable this verification or any other way to make sure that my elasticsearch gets integrated.

Any help would me much appreciated, Thank you.

Answer 1

You need to add into trusted path /etc/gitlab/trusted-certs. once you will put the crt, der or pem files you can validate with next steps.

1. Please, validate the symlinks: sudo ls -al /opt/gitlab/embedded/ssl/certs

1.1. Check certs: echo | /opt/gitlab/embedded/bin/openssl s_client -connect HOSTNAME:port

View a certificate’s details in text form using x509. Be sure to replace /path/to/certificate.crt with the certificate’s path: /opt/gitlab/embedded/bin/openssl x509 -in /path/to/certificate.crt -text -noout

Fetch a certificate from a server and decode it. This combines both of the above commands to fetch the server’s SSL certificate and decode it to text: echo | /opt/gitlab/embedded/bin/openssl s_client -connect HOSTNAME:port | /opt/gitlab/embedded/bin/openssl x509 -text -noout

Links:

• https://docs.gitlab.com/omnibus/settings/ssl/index.html#install-custom-public-certificates
• https://docs.gitlab.com/omnibus/settings/ssl/ssl_troubleshooting.html