18

I am new to Google Cloud Platform.

I bought a wildcard SSL and would like to know how to install Wildcard SSL into a Google Cloud Compute instance?

I used Cloud Shell to generate a CSR on Google Cloud Platform by using the following line of command, openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr

I managed to activate my certification and received the ca-bundle files.

But I don't know what's the next step to install the SSL. I can't find anything about SSL in the Google Compute Engine tab.

How to install a SSL certificate on Google Cloud Platform

As the website above show, I must activate my SSL via App Engine but I have doubt on it.

Improve this question

1 Answer 1

Reset to default
14

There are different scenarios where SSL certificates can be used in GCP. The steps of the document you have linked applies for GAE but not for GCE.

If you have GCE instances running behind a load balancer, the certificate must be uploaded there. You can find the details on this article.

If you are not using a GCE LB and instead your instances are serving traffic directly, you must configure the certificate on the server. I.e. for NGINX you can follow these instructions.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

If you have GCE VM's behind a GCE LB, you should ('must' under most compliance scenarios) have SSL/TLS terminated on the VM as well as on the LB because the LB-to-VM traffic is publicly routed (LB's are outside firewalls). I can't find specific tooling to help with that, particularly for using SA-signed (non-spoofable) certs for autoscaled vm's behind a LB.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.