Setting up an SSL cert with Google Cloud Load Balancer
I'm trying to setup google cloud load balancer for SSL using a certificate (PositiveSSL) that I generated via a certificate authority.
Via the google cloud shell, here is how I generated the key:
openssl genrsa -out my-key.key 2048
And here is how I generated the CSR (certificate signing request):
openssl req -new -key my-key.key -out my-csr.csr
I then used the CSR to obtain the SSL cert from the certificate authority, and I received the following two files:
- my-crt.crt
- my-ca-bundle.ca-bundle
All tolled, I have the following four files:
- my-key.key
- my-csr.csr
- my-crt.crt
- my-ca-bundle.ca-bundle
The image shown below is the form for creating an SSL cert in Google Cloud Load Balancer:
Can you please direct me as to what information goes where (from the files I have at my disposal). I don't have any files that are in .pem format.
my-crt.crt is the public key certificate
my-key.key is the private key to your certificate
my-ca-bundle.ca-bundle is your certificate chain
Open those files up, copy and paste the content to the form.
This is described in GCP documentation on "Creating and Using SSL Certificates" under the section "Creating an SSL certificate resource from existing certificate files" as per the doc
- In the Public key certificate field, click the Upload button to upload your .crt file or paste the entire contents of your .key file into the field, including the -----BEGIN CERTIFICATE----- and -----END CERTIFICATE----- that enclose the file contents.
- In the Certificate chain field, click the Upload button to upload your .csr file or paste the entire contents of the .csr file into the field, including the -----BEGIN CERTIFICATE REQUEST----- and -----END CERTIFICATE REQUEST----- that encloses the file contents.
- In the Private key certificate field, click the Upload button to upload your private key, using the .key file generated previously. This file uses, for example, -----BEGIN RSA PRIVATE KEY----- and -----END RSA PRIVATE KEY----- to enclose the file contents.
- Configuring https on lighttpd
- Kestrel ignores certificate configuration in code
- How to set custom domain in Nexus Repo without port in URL
- Unable to find valid certification path to requested target - error even after cert imported
- Certificate Rebind in IIS 10 using powershell
- How to import a zscaler certificate into Git
- ERR_CERT_REVOKED only on Smartphones (connection is not secure)
- curl: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate
- Puppet after 5 years, when certificates expire?
- Python - requests.exceptions.SSLError - dh key too small
- SSL error unsafe legacy renegotiation disabled
- "SSL certificate verify failed" using pip to install packages
- Spring 5 WebClient using ssl
- Gitlab doesn't loads new ssl cert and key
- Jetty Invalid SNI issue even when certificate is correct
- SSL on JBOSS AS 7
- "aborting due to insecure configuration" while configuring TLS on Rust rocket server
- How to wrap net.Conn.Read() in Golang
- " An operation was attempted on something that is not a socket" when I try to add SSL authentication
- Error Importing SSL certificate : Not an X.509 Certificate
- SSL verification error at depth 0: unable to get local issuer certificate (20)
- Keycloak SSL setup using docker image
- Make OpenSSL accept expired certificates
- .NET Framework equivalent of IApplicationBuilder.UseForwardedHeaders()
- Setting up SSL on a local xampp/apache server
- Problem when installing Python from source, SSL package missing even though openssl installed
- NGINX to reverse proxy websockets AND enable SSL (wss://)?
- Is it safe sharing Self-signed certificate to other persons?
- curl - Is data encrypted when using the --insecure option?
- SSL certificate installation on Wildfly server