GitLab & subdomains

My domain is: --> [Directs to]

I ran this command: ./letsencrypt-auto certonly -a manual -d

It produced this output:

My web server is (include version): Gitlab hosting

The operating system my web server runs on is (include version): Unknown

My hosting provider, if applicable, is: Gitlab &&Google Domains

I can login to a root shell on my machine (yes or no, or I don't know): No

I'm using a control panel to manage my site (no, or provide the name and version of the control panel): I have the Gitlab interface, and the Google Domains control panel.

Anyway, My issue is to do with my domain of ‘’. I was following this tutorial

I use GitLab to host my website, and Google Domains provides the domain name. I was attempting to certify the specific subdomain (Only portion of the domain I am using…I plan on having other subdomains later on…but so far this one is it). I want to specifically certify that subdomain. If it matters: I am using the win10 feature where you can get an Ubuntu console. It says it does not have permission As you can see Here, the vert page works, so that is not my issue. Please any help is appreciated.


You need to create the verification file without the .html extension.




Okay…Not sure if you can help me now…but firefox is yelling at me that the certificate is for *

and not for

How can I fix this?

(I am buying my domain through with Google Domains)


Because your domain name has a CNAME to Therefore, a client will connect to the gitlab servers, and not to any of your servers. And gitlab doesn’t have your certificate. And I don’t think gitlab servers will host for any non-gitlab hostname.


The tutorial linked in the first post seems to indicate that they do? Although my reading of it is that you need to remove the custom domain from GitLab Pages and then re-add it with the certificate (fullchain.pem) and private key. @FPDev-Admin did you do this step?

Now we just need to upload the certificate and the key to GitLab. Go to Settings -> Pages inside your project, remove the old CNAME and add a new one with the same domain, but now you’ll also upload the TLS certificate. Paste the contents of /etc/letsencrypt/live/ (you’ll need sudo to read the file) to the “Certificate (PEM)” field and /etc/letsencrypt/live/ (also needs sudo ) to the “Key (PEM)” field.


Ah, must admit I didn’t read the tutorial :blush:


The lack of built-in Let’s Encrypt support and that annoying bug @jmorahan mentions where you have to delete your domain every time you change your certificate is precisely why I use Netlify on top of GitLab instead of GitLab Pages itself.

Their deploy previews feature is a real timesaver for me as well.


This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.