Self-Signed Certificates

PostLab Local requires HTTPS, so you must create a self-signed certificate to install on the server and all clients.

1. Install Packages

root@server:~# apt-get install openssl ca-certificates
root@server:~# mkdir certs
root@server:~# cd certs
root@server:~/certs#

2. Generate a Private Key

root@server:~/certs# openssl genrsa -out server.key 2048
Generating RSA private key, 2048 bit long modulus
..........+++
...........................................+++
e is 65537 (0x10001)
root@server:~/certs#

3. Generate a Certificate Signing Request

root@server:~/certs# openssl req -new -key server.key -out server.csr
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]: CU
State or Province Name (full name) [Some-State]:Cuba
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Home Lan
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:*.edu.cu
Email Address []:

Please enter the following `extra` attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

4. Create a Self-Signed Certificate

root@server:~/certs# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
Signature ok
subject=/C=CU/ST=Cuba/O=Home Lan/CN=*.edu.cu
Getting Private key
Enter pass phrase for server.key:
root@server:~/certs#

5. Install a Private Key and Self-Signed Certificate

root@server:~/certs# cp server.key /etc/ssl/private/
root@server:~/certs# cp server.crt /etc/ssl/certs/

Name the resulting files after your hostname, then copy those files into /etc/gitlab/ssl/ .

For example, if your GitLab server's hostname is gitlab.edu.cu, you would name your files this way:

/etc/gitlab/ssl/gitlab.edu.cu.key
/etc/gitlab/ssl/gitlab.edu.cu.crt

Finally, you'll need to add the self-signed certificate to each computer using the PostLab Local client.

Download the certificate from the PostLab Local server.
Double-click the certificate file.
Set Trust > When using this certificate: to Always Trust.

Full details for adding certificates to each computer are available here.

Finally, configure each Mac for PostLab Local, then install and activate the PostLab Local Client on each Mac.

Last updated 10 months ago

root@server:~/certs# openssl genrsa -out server.key 2048 Generating RSA private key, 2048 bit long modulus ..........+++ ...........................................+++ e is 65537 (0x10001) root@server:~/certs#

root@server:~/certs# openssl req -new -key server.key -out server.csr You are about to be asked to enter information that will be incorporated into your certificate request. What you are about to enter is what is called a Distinguished Name or a DN. There are quite a few fields but you can leave some blank For some fields there will be a default value, If you enter '.', the field will be left blank. ----- Country Name (2 letter code) [AU]: CU State or Province Name (full name) [Some-State]:Cuba Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]:My Home Lan Organizational Unit Name (eg, section) []: Common Name (e.g. server FQDN or YOUR name) []:*.edu.cu Email Address []: Please enter the following `extra` attributes to be sent with your certificate request A challenge password []: An optional company name []:

root@server:~/certs# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt Signature ok subject=/C=CU/ST=Cuba/O=Home Lan/CN=*.edu.cu Getting Private key Enter pass phrase for server.key: root@server:~/certs#