stackoom
  简体   繁体   中英

GAE SSL cert requirements

 原文  2012-12-31 18:01:16       google-app-engine/ ssl/ subdomain/ alias

Question

I need some help with setting up SSL for an app on GAE. I have a domain associated with my GAE app, through a Custom Domain managed with Google Apps. However my app is being accessed through a url belonging to an Alias. So for example my Google apps domain is abc.com and has an alias cde.com, my Appengine app is being accessed using the url https://cde.com

Now I'm trying to set up SSL and I've uploaded Certificates to Google Apps. Unfortunately I'm unable to use this certificate for my appengine app because it seems that domain aliases are not being recognized. I read the Certificate Requirements and it states:

Single Domain/Hostname Self-signed Wildcard Subject Alternative Name

Dosen't this mean that domain aliases would be supported by SSL on Appengine?

2 answers

solution1
 1  2013-09-18 10:06:01

I'll try and it work's:

1- create config file 

[req] 
distinguished_name = req_distinguished_name 
x509_extensions = v3_req 
prompt = no 
[req_distinguished_name] 
C = FR 
ST = HS 
L = Somewhere 
O = Organisation
OU = Organisation_Unit 
CN = *.yourcustomaliasdomain.com 
[v3_req] 
keyUsage = keyEncipherment, dataEncipherment 
extendedKeyUsage = serverAuth

Don't forget to replace *.yourcustomaliasdomain.com by domain config on app engine

2- Create RSA Key 

openssl genrsa -out key.pem 2048

3- Create request signature 

openssl req -new -key key.pem -out request.pem -config config

config is the config file

4- Create certificate 

openssl x509 -req -days 3650 -in request.pem -signkey key.pem -out cert.pem

5- Upload and configure

Upload cert.pem and key.pem on your google apps console as explain here Choose your ssl type, normaly app engine url must match your certificate and you can add it.

solution2
 0  2013-10-04 10:56:15

Currently only the primary Google Apps domain is supported for SSL.

Also, it should be noted that @Ipe's answer created a self-signed certificate which will not be trusted by any browser and thus should only be used for development.

I found setting up SSL for app engine to be hard so I created a service to make it easier: http://www.volcanicpixels.com/ssl/

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Highcharts over SSL on GAE GAE SSL for custom domain impossible? GAE Python - libs on my requirements.txt are not installed Anyone using Full SSL for CloudFlare => GAE? 2-way SSL for web services on GAE (java) Unable to setup GAE SSL for a custom domain Google Cloud with Google Domain, static website ssl cert not valid Google Cloud Platform renewed SSL cert stops app from serving My custom domain and SSL Cert missing from console How to protect GAE db without using SSL when client is Android
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM