Daily Musings

How to Fix: Gitlab LetsEncrypt Renewal Failure

So my LetsEncrypt certificate for Gitlab expired, and I wanted to see if I could manually renew it, since it did not renew on its own.

I was getting an error in the console when running sudo gitlab-ctl renew-le-certs that said the response from the server was malformed.

Digging deeper, it seems that it can be really simple to get around.

Simply edit /opt/gitlab/embedded/cookbooks/letsencrypt/resources/certificate.rb and comment out the lines in the acme_certificate section as shown in the image above.

Now you should be able to force the certificate to renew by manually running sudo gitlab-ctl renew-le-certs again!