Mattermost, Inc.

Wildcard certificates not valid for Gitlab token requests?


GitLab user here. I was just setting up the (now included) Mattermost service and seem to have run into a snag. This is an internal server and we have our own CA that signed the wildcard certificate (* that is used for applications like this. Our CA is a valid root CA on the machine (CentOS 6 latest).

All seems to be fine until Mattermost does the token request, where I get the following logged:

2015-09-24_19:37:41.17151 [09/24/15 13:37:41] [EROR] /signup/gitlab/complete:AuthorizeOAuthUser code=500 rid=y7sb7mek93gitesqhf4qftqikh uid= ip= Token request to gitlab failed [details: Get x509: certificate is valid for *,, not]

The duplicate stuff is in the actual log entry, which is odd also (but maybe just a log error?) The actual certificate should be valid for * on the system, so I’m guessing there is some logic in Mattermost that doesn’t respect wildcards? or something else?

Any guesses would be appreciated…



The line is logged at The detailed error message of “x509: certificate is valid for *,, not” is what we get from golang. See line 89, which would suggest the cert is improperly configured.