Right, so a checklist is needed for a website theese days..

• DNS

• DNSSEC, which is close to being simple with a bind server

• HTTP

• HTTPS

• TLS Certificate from Let's Encrypt

A sucessfull validation gives me 5 files:

README
cert.pem
chain.pem
fullchain.pem
privkey.pem

The privkey.pem being …

So I've been struggling with getting TLS working right on my gitlab-pages, all the errors I got were some ~weird~ handshake errors.

140658708418368:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:769:

And querying with curl really didn't offer many clues as to what might be wrong …