I have a private GitLab (with self-sign certifcate) that I tried to use for Rancher’s pipeline but I’m getting “x509: certificate signed by unknown authority” error and can’t proceed with the configuration. There’s no way to enter the custom self-sign certificate from the initial set-up.
I noticed that if the pipeline is configured already then we can update the cacert to use. Is there a way to enter the cacert from the initial set-up?
Initial configuration (no way to add custom cert):
Pipeline already configured (with cacert option):
were you able to resolve this?
Yes, we were able to resolve it. The initial setting for pipeline looks at the cert inside Rancher. We load the cert to tls-ca-additional and then updated our rancher to add additionalTrustedCAs: true.
Instruction is on the below link on loading additional cert:
Thank you for your response. I checked the documentation. But how to --set additionalTrustedCAs=true is unclear to me
Sample command to upgrade Rancher and update the existing parameter:
helm upgrade rancher rancher-stable/rancher --reuse-values --set additionalTrustedCAs=true