Always this error:
[EROR] /signup/gitlab/complete:AuthorizeOAuthUser code=500 rid=xxx uid= ip=xxx Token request failed [details: Post https://xxx.domain.com/oauth/token: tls: oversized record received with length 20527]
Also see: https://gitlab.com/gitlab-org/gitlab-mattermost/issues/43
Our self signed certificate (CA) was created with SHA512, also the one, that the reverse proxy used in front of gitlab and mattermost. And the oauth workflow was running over the official routing through the reverse proxy. I think, that could be a problem with mattermosts certificate/tls handling in combination with strong certificates like ours SHA512 bit.