diff --git a/docs/integrations/cicd/gitlab.mdx b/docs/integrations/cicd/gitlab.mdx index 11b1975511..c6d72a11ea 100644 --- a/docs/integrations/cicd/gitlab.mdx +++ b/docs/integrations/cicd/gitlab.mdx @@ -82,7 +82,7 @@ description: "How to sync secrets from Infisical to GitLab" Using the GitLab integration on a self-hosted instance of Infisical requires configuring an application in GitLab and registering your instance with it. - If you're self-hosting Gitlab with custom certificates, you will have to configure your Infisical instance to [trust these certificates](../../self-hosting/guides/custom-certificates). + If you're self-hosting Gitlab with custom certificates, you will have to configure your Infisical instance to trust these certificates. To learn how, please follow [this guide](../../self-hosting/guides/custom-certificates). Navigate to your user Settings > Applications to create a new GitLab application. diff --git a/docs/self-hosting/guides/custom-certificates.mdx b/docs/self-hosting/guides/custom-certificates.mdx index c43d64636e..67b258d08a 100644 --- a/docs/self-hosting/guides/custom-certificates.mdx +++ b/docs/self-hosting/guides/custom-certificates.mdx @@ -1,24 +1,26 @@ --- title: "Adding Custom Certificates" -description: "Learn how to Configure Infisical with Custom Certificates" +description: "Learn how to configure Infisical with custom certificates" --- -Follow these steps to configure trust for custom certificates. This is helpful for connecting Infisical with self-hosted services like GitLab. +By default, the Infisical Docker image includes certificates from well-known public certificate authorities. +However, some integrations with Infisical may need to communicate with your internal services that use private certificate authorities. +To configure trust for custom certificates, follow these steps. This is particularly useful for connecting Infisical with self-hosted services like GitLab. ## Prerequisites - Docker -- Standalone Infisical image +- Standalone [Infisical image](https://hub.docker.com/r/infisical/infisical) - Certificate public key `.pem` files ## Setup -1. Place all your public key `.pem` files in a single directory. +1. Place all your public key `.pem` files into a single directory. 2. Mount the directory containing the `.pem` files to the `usr/local/share/ca-certificates/` path in the Infisical container. -3. Add the following environment variable to the Infisical container's configuration: +3. Set the following environment variable on your Infisical container: ``` NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt ``` 4. Start the Infisical container. -By following these steps, your Infisical container will trust the specified certificates, allowing you to securely connect Infisical to your other services. +By following these steps, your Infisical container will trust the specified certificates, allowing you to securely connect Infisical to your internal services.