setup SSL Certification on google cloud
SSL Configure Certificate on google cloud computer
- Purchase SSL Certification on (domain provides/hosting provider)
- Run these commands first.
- -> run :- a2enmod ssl (enable ssl)
- -> run :- a2ensite default-ssl
- -> sudo service apache2 restart
- #create a folder
- -> mkdir /etc/apache2/ssl (Create a folder)
- -> cd /etc/apache2/ssl/
- -> service apache2 reload (Reload Server)
- Create KEY and Private KEY
- https://www.digicert.com/easy-csr/openssl.htm
- Convert www_example_com.key to www_example_com.key.pem
- openssl rsa -in www_example_com.key -out www_example_com.key.pem
- Concatinate the all csr file when purchase or generate ssl key
- cat www_example_com.crt ASecureServerCA.crt ATrustCA.crt ATrustExternal.crt > concat.crt
- To verify that the private key and certificate match, use the following commands:
- -> openssl x509 -noout -modulus -in concat.crt | openssl md5
- -> openssl rsa -noout -modulus -in www_example_com.key.pem | openssl md5.
- Both commands should return the same output.
- Open Apache2 /etc/sites-enabled/default-ssl-conf.
- And update these changes
- -> /etc/apache2/sites-enabled/default-ssl.conf
- SSLCertificateFile /etc/apache2/ssl/concat.crt
- SSLCertificateKeyFile /etc/apache2/ssl/www_example_com.key
- ( Also comment on previous
- #SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
- #SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
- )
- After that run these file :- openssl s_client -connect localhost:443
- Add Custom Domain on google cloude computer APP Engine -> App engine section -> setting -> Custom Domains (Need verify domains)
- Custom domain name -> www.bat11.co.in
- SSL support -> my-cert-1
- Record type -> CNAME
- Data -> ghs.googlehosted.com
- Alias ->www
- After that upload SSL Certification on google cloude computer in -> App engine section -> setting -> SSL Certificates
- -> upload concatinated file (concat.crt) on first section
- -> upload private key on www_example_com.key.pem
If still domain mapping give you an error that – domain is already mapped with another project.
Then open this url
https://cloud.google.com/appengine/docs/admin-api/reference/rest/v1/apps.domainMappings/create
- Enter project application id in appsId.
- Select Override in the overrideStrategy.
- Enter domain full name in the id like, example.com and www.example.com
- Press execute.
- Again check in the App engine’s setting -> custom domain and set the SSL.