I'm trying to add TLS/SSL to my custom domain on Gitlab. Currently it says my site is available at https://yodel.co, but when I go there it says the certificate is invalid. How do I go about validating the certificate?
In the docs (also pictured) it says there are keys to add from your admin when setting up a new domain. However I'm not sure where to get these keys as I am the admin.
My Gitlab Pages
Gitlab docs screenshot
You can simplify, 3 years later, your process by using GitLab 12.1 (July 2019).
It comes with "Automatic HTTPS for Pages with Let's Encrypt":
In 12.1, Pages users that add a new custom domain can enable “Automatic certificate management using Let’s Encrypt”.
With this setting configured, GitLab automatically procures certs from Let’s Encrypt, provisions them to your custom domain in GitLab, keeps track of the expiration date and automatically renews your certs.
See more at "GitLab Pages integration with Let's Encrypt", from issue 28996:
The GitLab Pages integration with Let’s Encrypt (LE) allows you to use LE certificates for your Pages website with custom domains without the hassle of having to issue and update them yourself; GitLab does it for you, out-of-the-box.
Your selections can be set on a per-domain basis to accommodate varying users and requirements.
And with GitLab 17.1 (June 2024):
Pages support for mutual TLS in GitLab API calls
GitLab can be configured to enforce client authentication with SSL certificates.
However, the GitLab Pages service was incompatible with that feature, because it couldn’t be configured to use client certificates, and calls to the internal API were rejected.
From GitLab 17.1, you can configure a client certificate for GitLab Pages. This allows you to enable client authentication with the GitLab API, strengthening the security of your GitLab instance.
See Documentation and Issue.
