SSL – GITBLIT Using Cert for SSL

ssl, teamcity

I'm currently running GITBLIT on Windows Server 2012 to centrally host our GIT repos. I have been using a self-signed cert as per the setup instructions on Gitblit, but I want to use an SSL cert from VeriSign or GoDaddy. It appears that there is no documentation or FAQ on GitBlit to explain how to generate a CSR and where to load the CRT when completed.

Are there any GitBlit users that have been able to install a cert from a verified CA?

Edited: The reason I needed the CA cert imported is that TeamCity would error out because of unverified SSL when setting up a git CVS to run build tests.

Best Answer

I have just gone through the same process as yourself on Windows Server 2008 R2. I wanted a wildcard certificate to work with Gitblit and other services that I wanted to run.

First of all, I created the CSR in IIS and installed the certificate there. I had done this before and wanted to use the certificate in IIS anyway, so it made sense to use IIS for this part of the process. Follow your CA's instructions regarding intermediate certificates as well.

I then had a lot of trial and error to get the next stage to work but got it going by doing the following:

  1. Open MMC
  2. Add Snapin and choose Certificates for Local Computer
  3. Go to Personal, Certificates and select the relevant certificate.
  4. Open the Certificate and click on the Details tab, then click on Copy to File
  5. Click Next, then choose to export the private key and click Next
  6. Make sure that "Include all certificates in the certification path if possible" is checked and that the other 2 boxes are not. Click on Next.
  7. Enter a password then click Next.
  8. Enter a File Name and click Next then Finish the creation of the file.

I then used Portecle to open the existing Keystore that was created by Gitblit using the password of gitblit (or whatever was set when you created the keystore). To import the certificate click on Tools, Import Key Pair and browse to the file created above. It will ask you to enter the password for the certificate, then to select a key pair to import and an alias for it.

Once that certificate is in the keystore you can remove the self-signed certificate as it is not needed anymore.

I then restarted Gitblit and connected with the hostname matching the certificate and everything was good.

The main problem I was having resulted from not including the whole chain when exporting the certificate from IIS.

I hope this helps as it took me a couple of days to figure it out myself.
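
The answer above traces the failure to an export that left out the certificate chain. The following PowerShell check is an added example, not part of the original answer: it opens the exported file before it goes into the keystore and reports whether the chain is inside it. The function name `Get-PfxChain` and the file path are placeholders chosen for illustration.

```powershell
# Added example: inspect an exported PFX for the private key and the full chain.
# The default path is a placeholder; pass the file written by the export wizard.
param([string]$PfxPath = 'C:\path\to\exported.pfx')

function Get-PfxChain {
    param([string]$Path, [securestring]$Password)

    # Load every certificate stored in the file, not only the first one.
    $plain = (New-Object System.Net.NetworkCredential('', $Password)).Password
    $flags = [System.Security.Cryptography.X509Certificates.X509KeyStorageFlags]::DefaultKeySet
    $certs = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2Collection
    $certs.Import((Resolve-Path $Path).Path, $plain, $flags)

    # The server certificate is the entry that carries the private key.
    $leaf = @($certs | Where-Object { $_.HasPrivateKey })
    if ($leaf.Count -ne 1) {
        throw "Expected exactly one certificate with a private key, found $($leaf.Count)."
    }

    # Walk issuer -> subject inside the file until a self-signed certificate
    # is reached or the next issuer is missing from the export.
    $chain = @($leaf[0])
    $current = $leaf[0]
    while ($current.Subject -ne $current.Issuer -and $chain.Count -le 10) {
        $issuer = $certs |
            Where-Object { $_.Subject -eq $current.Issuer -and $_.Thumbprint -ne $current.Thumbprint } |
            Select-Object -First 1
        if (-not $issuer) { break }
        $chain += $issuer
        $current = $issuer
    }

    [pscustomobject]@{
        Chain      = $chain
        TotalCerts = $certs.Count
        # True only when the walk ended at a self-signed (root) certificate.
        Complete   = ($current.Subject -eq $current.Issuer)
    }
}

$report = Get-PfxChain -Path $PfxPath -Password (Read-Host 'PFX password' -AsSecureString)
$report.Chain | Format-Table Subject, Issuer, NotAfter, HasPrivateKey -AutoSize
if (-not $report.Complete) {
    Write-Warning ("Chain stops at '{0}'; its issuer is not in the file. Re-export with the certification path included." -f $report.Chain[-1].Subject)
}
```

A file that lists only the server certificate reproduces the problem described in the answer; one that lists the server certificate followed by its issuers is the export the steps above are meant to produce.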