Gitlab enables https

In fact, gitlab is only responsible for listening to local socket files, while the Web server uses nginx and so on. You only need to make the appropriate configuration on the Web server.

The following is an example using nginx. The gitlab script file downloaded in the gitlab Installation Guide is modified as appropriate.

# GITLAB# Maintainer: @randx# App Version: 4.0upstream gitlab {  server unix:/home/gitlab/gitlab/tmp/sockets/gitlab.socket;}server {  listen 443;  ssl                  on;  ssl_certificate      /etc/nginx/sites-available/server.crt;  ssl_certificate_key  /etc/nginx/sites-available/server.key;  server_name localhost;  #ubuntu1204-dell source.cml.com;     # e.g., server_name source.example.com;  root /home/gitlab/gitlab/public;  # individual nginx logs for this gitlab vhost  access_log  /var/log/nginx/gitlab_access.log;  error_log   /var/log/nginx/gitlab_error.log;  location / {    # serve static files from defined root folder;.    # @gitlab is a named location for the upstream fallback, see below    try_files $uri $uri/index.html $uri.html @gitlab;  }  # if a file, which is not found in the root folder is requested,  # then the proxy pass the request to the upsteam (gitlab unicorn)  location @gitlab {    proxy_read_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694    proxy_connect_timeout 300; # https://github.com/gitlabhq/gitlabhq/issues/694    proxy_redirect     off;    proxy_set_header   X-Forwarded-Proto $scheme;    proxy_set_header   Host              $http_host;    proxy_set_header   X-Real-IP         $remote_addr;    proxy_pass http://gitlab;  }}

Note the following four lines in server.

Listen to port 443 and enable SSL. The server. CRT and server. Key Files are generated according to the nginx documentation.

Finally, proxy_pass http: // gitlab cannot be modified. Do not change it to HTTPS. Otherwise, it cannot work.

Now try the check out code using https:

Git clone https ://....

An error is reported, indicating that the certificate verification is incorrect:

Error: server certificate verification failed. cafile:/etc/SSL/certs/ca-certificates.crt crlfile: None

The simplest solution is to add an environment variable:

export GIT_SSL_NO_VERIFY=1