Rancher Pipeline -> Private GitLab ( x509: certificate signed by unknown authority)

I have a private GitLab (with self-sign certifcate) that I tried to use for Rancher’s pipeline but I’m getting “x509: certificate signed by unknown authority” error and can’t proceed with the configuration. There’s no way to enter the custom self-sign certificate from the initial set-up.

I noticed that if the pipeline is configured already then we can update the cacert to use. Is there a way to enter the cacert from the initial set-up?

Initial configuration (no way to add custom cert):

Pipeline already configured (with cacert option):

were you able to resolve this?

Yes, we were able to resolve it. The initial setting for pipeline looks at the cert inside Rancher. We load the cert to tls-ca-additional and then updated our rancher to add additionalTrustedCAs: true.

Instruction is on the below link on loading additional cert:


Thank you for your response. I checked the documentation. But how to --set additionalTrustedCAs=true is unclear to me

Sample command to upgrade Rancher and update the existing parameter:

helm upgrade rancher rancher-stable/rancher --reuse-values --set additionalTrustedCAs=true