Moon Light Box

Time is Money

GitLab - CI Runner Register x509 Error

| Comments

When you follow GitLab Document to install and set by

# gitlab-ci-multi-runner register

And you will occur x509 self-signed certificate error.

ERROR: Registering runner... failed runner=SScdJmzB status=couldn't execute POST against Post certificate for because it doesn't contain any IP SANs
PANIC: Failed to register this runner. Perhaps you are having network problems

"It doesn't contain any IP SANs" error is caursed by invalid CN (default used domain name instead of IP).
So we need to modify openssl configuration in GitLab server (not GitLab CI Runner server).

# vim /etc/pki/tls/openssl.cnf

[ v3_ca ]
subjectAltName=IP: <---- Add this line. is your GitLab server IP.

Then re-generate self-signed CA.

# cd /etc/gitlab/ssl
# openssl req -x509 -nodes -days 3650 -newkey rsa:4096 -keyout /etc/gitlab/ssl/ -out /etc/gitlab/ssl/
# openssl dhparam -out /etc/gitlab/ssl/dhparam.pem 4096
# gitlab-ctl restart

Copy the new CA to GitLab CI Runner server.

# scp /etc/gitlab/ssl/ root@


comments powered by Disqus