Skip to content

Allow ca_path and ca_file parameters for SMTP email configuration

username-removed-106980 requested to merge Thireus/omnibus-gitlab:master into master

Without ca_path or ca_file custom CA certs are not taken into account during the SMTP SSL/TLS handshake. This is because the cert_store context is incorrectly provided to smtp.rb.

The SSL_CERT_DIR or SSL_CERT_FILE env vars are also not taken into account by smtp.rb.

Since the SMTP email configuration allows the use of CApath and CAfile for OpenSSL, it should be allowed to set these parameters as a workaround.

Example of use:

gitlab_rails['smtp_ca_path'] = "/etc/ssl/certs"

gitlab_rails['smtp_ca_file'] = "/etc/ssl/certs/ca-certificates.crt"

Please merge.

Merge request reports