堆栈内存溢出
  简体   繁体   English

GAE SSL证书要求

[英]GAE SSL cert requirements

 原文  2012-12-31 18:01:16       google-app-engine/ ssl/ subdomain/ alias

问题描述

I need some help with setting up SSL for an app on GAE. 在GAE上为应用设置SSL时,我需要一些帮助。 I have a domain associated with my GAE app, through a Custom Domain managed with Google Apps. 我有一个通过我的Google Apps管理的自定义域与我的GAE应用关联的域。 However my app is being accessed through a url belonging to an Alias. 但是,我的应用程序是通过属于Alias的URL访问的。 So for example my Google apps domain is abc.com and has an alias cde.com, my Appengine app is being accessed using the url https://cde.com 因此,举例来说,我的Google Apps域是abc.com,并且别名为cde.com,可以使用URL https://cde.com访问我的Appengine应用

Now I'm trying to set up SSL and I've uploaded Certificates to Google Apps. 现在,我正在尝试设置SSL,并且已将证书上传到Google Apps。 Unfortunately I'm unable to use this certificate for my appengine app because it seems that domain aliases are not being recognized. 不幸的是,我似乎无法对我的appengine应用程序使用此证书,因为似乎无法识别域别名。 I read the Certificate Requirements and it states: 我阅读了证书要求,其中指出:

Single Domain/Hostname Self-signed Wildcard Subject Alternative Name 单个域/主机名自签名通配符使用者备用名称

Dosen't this mean that domain aliases would be supported by SSL on Appengine? 这是否意味着Appengine上的SSL将支持域别名?

2 个解决方案

解决方案1
 1  2013-09-18 10:06:01

I'll try and it work's: 我会尽力而为的:

1- create config file 1-创建配置文件 

[req] 
distinguished_name = req_distinguished_name 
x509_extensions = v3_req 
prompt = no 
[req_distinguished_name] 
C = FR 
ST = HS 
L = Somewhere 
O = Organisation
OU = Organisation_Unit 
CN = *.yourcustomaliasdomain.com 
[v3_req] 
keyUsage = keyEncipherment, dataEncipherment 
extendedKeyUsage = serverAuth

Don't forget to replace *.yourcustomaliasdomain.com by domain config on app engine 不要忘记在应用程序引擎上通过域配置替换* .yourcustomaliasdomain.com

2- Create RSA Key 2-创建RSA密钥 

openssl genrsa -out key.pem 2048

3- Create request signature 3-创建请求签名 

openssl req -new -key key.pem -out request.pem -config config

config is the config file config是配置文件

4- Create certificate 4-创建证书 

openssl x509 -req -days 3650 -in request.pem -signkey key.pem -out cert.pem

5- Upload and configure 5-上传并配置

Upload cert.pem and key.pem on your google apps console as explain here Choose your ssl type, normaly app engine url must match your certificate and you can add it. 按照以下说明 Google Apps控制台上上传cert.pem和key.pem。选择您的SSL类型,通常,应用引擎网址必须与您的证书匹配,然后您可以添加它。

解决方案2
 0  2013-10-04 10:56:15

Currently only the primary Google Apps domain is supported for SSL. 目前,SSL仅支持主Google Apps域。

Also, it should be noted that @Ipe's answer created a self-signed certificate which will not be trusted by any browser and thus should only be used for development. 另外,应该注意,@ Ipe的答案创建了一个自签名证书,该证书不会被任何浏览器信任,因此只能用于开发。

I found setting up SSL for app engine to be hard so I created a service to make it easier: http://www.volcanicpixels.com/ssl/ 我发现为应用程序引擎设置SSL非常困难,因此我创建了一项服务使其变得更容易: http : //www.volcanicpixels.com/ssl/

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 GAE上基于SSL的Highcharts - Highcharts over SSL on GAE GAE SSL不适用于自定义域名? - GAE SSL for custom domain impossible? GAE Python - 我的 requirements.txt 上的库未安装 - GAE Python - libs on my requirements.txt are not installed 有人对CloudFlare使用完全SSL => GAE吗? - Anyone using Full SSL for CloudFlare => GAE? GAE上的Web服务的双向SSL(java) - 2-way SSL for web services on GAE (java) 无法为自定义域设置GAE SSL - Unable to setup GAE SSL for a custom domain 带有Google Domain的Google Cloud,静态网站ssl证书无效 - Google Cloud with Google Domain, static website ssl cert not valid Google Cloud Platform更新的SSL证书停止了应用的投放 - Google Cloud Platform renewed SSL cert stops app from serving 控制台中缺少我的自定义域和 SSL 证书 - My custom domain and SSL Cert missing from console 客户端为Android时如何在不使用SSL的情况下保护GAE数据库 - How to protect GAE db without using SSL when client is Android
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM