SSL Firebase 云函数证书
[英]SSL Certificate for Firebase Cloud Functions
问题描述
Strange request, but is it possible to get a SSL certificate for my Firebase cloud functions?
奇怪的请求,但我的 Firebase 云函数是否有可能获得 SSL 证书?
I can't find anything about this online, just just vague stackoverflow answer我在网上找不到任何相关信息,只是模糊的stackoverflow 答案
1 个解决方案
解决方案1
5 已采纳 2021-01-14 11:51:27
SSL for cloudfunctions.net SSL 用于cloudfunctions.net
Google has a "miscellaneous" SSL certificate that certifies connections to cloudfunctions.net and it's subdomains called misc.google.com (which isn't a website) (this certificate is shared by 150+ miscellaneous domains under the Google umbrella). Google 有一个“杂项”SSL 证书,用于证明与cloudfunctions.net的连接及其名为misc.google.com的子域(这不是网站)(此证书由 Google 保护伞下的 150 多个杂项域共享)。 This certificate is used whenever you try to connect to one of your cloud functions when it's web address starts with https://<region>-<project-id>.cloudfunctions.net .每当您尝试连接到其中一个云功能时,当它的 web 地址以https://<region>-<project-id>.cloudfunctions.net开头时,就会使用此证书。 You can see this certificate for yourself by visiting the URL of one of your functions and obtaining the certificate from the padlock icon next to the URL.您可以通过访问其中一项功能的 URL 并从 URL 旁边的挂锁图标获取证书来亲自查看此证书。
SSL for Cloud Functions behind Firebase Hosting SSL 用于 Firebase 托管背后的云功能
You can use rewrites on Firebase Hosting to serve your Cloud Functions from the same domain as your website and these connections will use the same SSL certificate issued to your domain.您可以在 Firebase 托管上使用重写来从与您的网站相同的域为您的云功能提供服务,这些连接将使用颁发给您的域的相同 SSL 证书。 In a similar fashion to the cloudfunctions.net domain, the certificate used for this is shared amongst around 100 unrelated domains hosted using Firebase Hosting (which helps keep costs down for Firebase, but not harming security all too much).以类似于cloudfunctions.net域的方式,用于此的证书在使用 Firebase 托管的大约 100 个不相关域之间共享(这有助于降低 Firebase 的成本,但不会过多地损害安全性)。
Note: When hosting functions behind Firebase Hosting, the results of your functions may be cached by the Firebase Hosting CDN and because the CDN is internal to the Firebase.network, your function may be called using only HTTP rather than HTTPS. As an example, if you have a HTTPS Function called somefunction at https://functionsexample.com/somefunction , in addition to using the SSL certificate for functionsexample.com , the request will first hit the Firebase CDN, and if not cached, the CDN will call http://<region>-<projectid>.cloudfunction.net/somefunction (with x-appengine-* headers) and pass the result back, caching it as appropriate.注意:当在 Firebase Hosting 后面托管函数时,您的函数的结果可能会被 Firebase Hosting CDN 缓存,并且因为 CDN 是 Firebase.network 内部的,所以您的 function 可能仅使用 HTTP 而不是 HTTPS 来调用。例如, if you have a HTTPS Function called somefunction at https://functionsexample.com/somefunction , in addition to using the SSL certificate for functionsexample.com , the request will first hit the Firebase CDN, and if not cached, the CDN will call http://<region>-<projectid>.cloudfunction.net/somefunction (带有x-appengine-*标头)并将结果传回,适当地缓存它。 In my experience you can detect these "HTTP-call-from-the-CDN" requests by looking at the x-appengine-https header. (This last bit of info may be outdated, probably subject to change at any time and likely to be corrected in this answer's comments by Frank, Doug or an actual Firebase staff member)根据我的经验,您可以通过查看x-appengine-https header 来检测这些“来自 CDN 的 HTTP 调用”请求。(这最后一点信息可能已过时,可能随时更改并且可能由 Frank、Doug 或实际的 Firebase 工作人员在此答案的评论中更正)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.