Install Ssl On Google App Engine

5 days ago
Admin
4 minutes

Create PEM File:

  • Open a text editor and copy the entire certificate details and paste into the text editor in following order:
    • Primary certificate: domain_name.crt
    • Intermediate certificate: certificate_provider.crt
  • Add “BEGIN CERTIFICATE” and “END CERTIFICATE” mark on each certificate.
  • The text file will be looking as follows:
-----BEGIN CERTIFICATE-----

(Your Primary SSL certificate: domain_name.crt)

-----END CERTIFICATE-----

-----BEGIN CERTIFICATE-----

(Your Intermediate certificate: certificate_provider.crt)

-----END CERTIFICATE-----
  • Now save the file with name as domain_name.pem

Activate SSL for Custom Domain in the Google App Engine

For activation of SSL certificate for a custom domain, you have to add your app into Google App. If you have already added the app into Google App, then just skip the below mentioned first step.

  1. Login to your Google Apps Account. To add your app as a service in Google App, browse More Controls > App engine Apps > Add Service. Now Provide application ID and Proceed by clicking “Add it now” button, accept the terms of agreement & Proceed by clicking the Activate button.
  2. Now connect your app to Google Apps and map it to the subdomain and there will be an app URL like App-ID.appspot.com. If you want to allow users to access the primary domain with Google app account, then Proceed by clicking “Add new URL” button. After that, Provide sub domain URL like app.yoursite.com or www. yoursite.com
  3. You should Proceed by clicking Enable SSL for App Engine Applications by following Security > Advance Settings > Show More > SSL for Customer Domains and Provide App ID to activate SSL certificate.
  4. Now, you will be redirected to App Engine Admin Console of the application.

Configure SSL for Custom domains in Google app Engine

Configuration of SSL certificate includes uploading and configuration of the SSL certificate. First, we discuss on uploading the SSL certificate into the Google Admin Console.

Uploading SSL Certificate:

  • First, login into the Google Admin console
  • Proceed by clicking Security > Advanced Settings > Show More (optional) > SSL for Custom Domains.
  • Now, Proceed by clicking Configure SSL Certificates that will land you on the SSL configuration page.
  • Proceed by clicking Upload a new certificate button.

  • Now, under PEM encoded X.509 certificate, Choose Choose File to locate and select domain_name.pem certificate file.
  • Under unencrypted PEM encoded RSA private key, Proceed by clicking choose file and select domain_name.key private key file ( a private key file that you got at the time of CSR generation).
  • After selecting PEM X.509 certificate file and private key file, Proceed by clicking the upload button.

Configuration of SSL Certificate:

  • When you have completed uploading process of certificate and key files, then choose “Serving mode” option on the page.

  • During configuration, there will be three Serving mode options available like Not Serving, SNI (server name indication) and SNI + VIP:<a VIP number>.**VIP = Virtual IP**. You have to select one of these three serving mode options on the base of your server type.

  • After selecting the serving mode, you can assign matching URLs in two ways: you can add each matching URL by selecting from the drop down box and Proceed by clicking Add button or you can add multiple matching URLs with a Proceed by clicking “Assign all matching URLs”.

Note: If you don’t have any URLs to assign, You can assign it Using a Custom Domain guideline provided by the Google app Engine.

  • You have to change CNAME (basic resource record in DNS) details of the URL and for that, you have to contact DNS service provider. Learn how to create CNAME record in Google App Engine.
  • Proceed by clicking the save button and your SSL certificate is uploaded and configured successfully.