I have both gitlab and mattermost running with https using Let's Encrypt certificates. I added the matter most application with the following callback URLs
https://mattermost.mysite.com/signup/gitlab/complete
https://mattermost.mysite.com/login/gitlab/complete
I then edited my /etc/gitlab/gitlab.rb
by adding the following:
external_url "https://gitlab.mysite.com"
nginx['redirect_http_to_https'] = true
nginx['ssl_certificate'] = "/etc/letsencrypt/live/gitlab.mysite.com/cert.pem"
nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/gitlab.mysite.com/privkey.pem"
mattermost_external_url 'https://mattermost.mysite.com'
mattermost_nginx['redirect_http_to_https'] = true
mattermost_nginx['ssl_certificate'] = "/etc/letsencrypt/live/mattermost.mysite.com/0000_cert.pem"
mattermost_nginx['ssl_certificate_key'] = "/etc/letsencrypt/live/mattermost.mysite.com/privkey1.pem"
mattermost['service_use_ssl'] = true
mattermost['gitlab_enable'] = true
mattermost['gitlab_secret'] = "pooppooppooppooppoop"
mattermost['gitlab_id'] = "peepeepeepeepee"
mattermost['gitlab_scope'] = ""
mattermost['gitlab_auth_endpoint'] = "https://gitlab.mysite.com/oauth/authorize"
mattermost['gitlab_token_endpoint'] = "https://gitlab.mysite.com/oauth/token"
mattermost['gitlab_user_api_endpoint'] = "https://gitlab.mysite.com/api/v3/user"
Then When I go to https://mattermost.mysite.com
I see
followed by this after entering a new team name and clicking Create Team with GitLab account
and finally I get the error
In /var/log/gitlab/mattermost/mattermost.log
I see this error
[2016/01/28 21:15:48 EST] [EROR] /signup/gitlab/complete:AuthorizeOAuthUser code=500 rid=5j3eqjfrj7gpoopsxk6c9h8ka uid= ip=10.34.6.4 Token request failed [details: Post https://gitlab.mysite.com/oauth/token: x509: certificate signed by unknown authority]
Any ideas on how to fix this? Is Let's Encrypt an unknown authority? Is there a way to get to know Let's Encrypt?
I'm running GitLab Community Edition 8.4.2 8d07b81
on Debian GNU/Linux 7.8 (wheezy)
Thanks