I have a working, secure OpenLDAP server running at:

auth.<company name>.com

I also have a reader account that Gitlab can use:

cn=Reader Reader,ou=users,dc=auth,dc=<Company name>,dc=com

Our setup is secured with STARTTLS. Our server will accept no other connections, nor do I want to configure other connection types (SSL, unencrypted).

My question is, how do I massage Gitlab to authenticate over STARTTLS? I've gotten Gitlab to recognize that it should be using STARTTLS, but I don't know where to reference the certs (public, private, and CA) so that Gitlab will use them. I have the certs in question, but I just don't know how to tell Gitlab where to find them. Any help you can provide will be much appreciated.

Andrew M.
  • What did you try? – 030 Apr 01 '15 at 20:34
  • See my answer below. I kept changing the config file and restarting gitlab, only to find out later that the config file doesn't update on a restart. It's one of those things that makes you want to introduce your head and desk. – Andrew M. Apr 02 '15 at 21:20

1 Answer

Turns out, the gitlab-ctl restart doesn't update changes. You'll need to edit your config file and run gitlab-ctl reconfigure. You don't need to specify your certificates anywhere.

Andrew M.
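
Added example (not part of the original post, and not GitLab's own tooling): a constructed LDAP section for `/etc/gitlab/gitlab.rb` that requests STARTTLS, with a small check to run before `gitlab-ctl reconfigure`. The host, DNs, password and CA file name are placeholders, and the key names assume a current Omnibus release; older releases may use different keys.

```shell
#!/bin/sh
# Constructed sample of the LDAP section of /etc/gitlab/gitlab.rb.
# Host, DNs, password and CA file name are placeholders (assumptions).
write_sample() {
cat > "$1" <<'EOF'
gitlab_rails['ldap_enabled'] = true
gitlab_rails['ldap_servers'] = {
  'main' => {
    'label' => 'LDAP',
    'host' => 'auth.example.com',
    'port' => 389,
    'uid' => 'uid',
    'bind_dn' => 'cn=Reader Reader,ou=users,dc=auth,dc=example,dc=com',
    'password' => 'CHANGE_ME',
    'encryption' => 'start_tls',
    'verify_certificates' => true,
    'tls_options' => { 'ca_file' => '/etc/gitlab/trusted-certs/ldap-ca.pem' },
    'base' => 'ou=users,dc=auth,dc=example,dc=com'
  }
}
EOF
}

# Succeeds only if the active (uncommented) settings request STARTTLS
# and do not switch off verification of the LDAP server's certificate.
check_ldap_tls() {
  # gitlab.rb ships with most lines commented out, so ignore comment lines.
  active=$(grep -v '^[[:space:]]*#' "$1")
  printf '%s\n' "$active" | grep -Eq "'encryption' *=> *'start_tls'" ||
    { echo "encryption is not start_tls"; return 1; }
  if printf '%s\n' "$active" | grep -Eq "'verify_certificates' *=> *false"; then
    echo "verify_certificates is false: server certificate is not checked"
    return 2
  fi
  echo "ok"
}

# Usage on the GitLab host, after editing the file:
#   sh this_script.sh /etc/gitlab/gitlab.rb && sudo gitlab-ctl reconfigure
#   sudo gitlab-rake gitlab:ldap:check   # binds with bind_dn and lists users
if [ $# -gt 0 ]; then
  check_ldap_tls "$1"
fi
```

The client only needs a CA file to verify the server; a client certificate and private key are required only if the LDAP server demands client-certificate authentication.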