Gitlab-CI运行程序:忽略自签名证书
gitlab-ci-multi-runner register给我
couldn't execute POST against https://xxxx/ci/api/v1/runners/register.json:Post https://xxxx/ci/api/v1/runners/register.json:
x509: cannot validate certificate for xxxx because it doesn't contain any IP SANs
有没有办法禁用认证验证?
我正在使用Gitlab 8.13.1和gitlab-ci-multi-runner 1.11.2。
回答:
根据Wassim的答案以及有关tls-
自签名和自定义CA签名证书的gitlab文档,如果您不是gitlab服务器的管理员,而是运行者(以及运行者)的管理员,则可以节省一些时间以root身份运行):
SERVER=gitlab.example.comPORT=443
CERTIFICATE=/etc/gitlab-runner/certs/${SERVER}.crt
# Create the certificates hierarchy expected by gitlab
sudo mkdir -p $(dirname "$CERTIFICATE")
# Get the certificate in PEM format and store it
openssl s_client -connect ${SERVER}:${PORT} -showcerts </dev/null 2>/dev/null | sed -e '/-----BEGIN/,/-----END/!d' | sudo tee "$CERTIFICATE" >/dev/null
# Register your runner
gitlab-runner register --tls-ca-file="$CERTIFICATE" [your other options]
证书必须是正确位置的绝对路径。
:由于gitlab-runner错误#2675,使用自定义CA签名仍可能失败
以上是 Gitlab-CI运行程序:忽略自签名证书 的全部内容, 来源链接: utcz.com/qa/426325.html
