Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
unable to set up for Google App Engine #1480
I'm trying to generate an SSL cert to add to Google App Engine. I'll admit to not having a clue about what I'm doing.
when I run
from what I gather from letsencrypt/acme-spec#19 it's trying to connect on port 443 to verify the domain (but I doubt that'll work until I have it set up, catch22?)
I also tried
I'm running all this on an El Capitan Mac I've run
I think the only way you can obtain a certificate for the app engine is with the manual plugin in this way:
./letsencrypt-auto -t -a manual -d yourdomain.com auth
It will use the "file" challenge so it will show you a text string to put in a file.
An easy way could be to add this to your app.yaml file:
In front of "url" you have to put a dash followed from space and then "url". Sorry but the dash is converted from the editor
Then you can press enter a letsencrypt should be able to check the challenge.
Before to be able to upload the script on the google cloud console you also need to convert the private key in RSA. I can do that with this command:
openssl rsa -in privkey.pem -out privkeyRSA.pem
Now you are ready to upload cert and privatekey and enable https in your app engine.
I am not sure about the renew: I have not tried yet.
I was able to generate and install the LE cert for GAE via the manual plugin.
The appengine issue is here: https://code.google.com/p/googleappengine/issues/detail?id=12535 It looks like Google will work on it
I'm just serving simple static pages in Google Cloud with no launched "app" or software packages but setting up the app.yaml was a royal PITA. With the help from above (thanks dgrilli!), here's what I finally got to work. (ps. I'm on Arch Linux and there is a package for letsencrypt so
(and here is the app.yaml insert - markdown won't let me inline this)
- url: /.well-known/acme-challenge/IdJh2tPenuHk5NUns2uaS9AXooLuTl_fHzSbxxxXXXxx static_files: acme.txt mime_type: text/plain upload: acme.txt
I was able to configure the
- url: /.well-known/acme-challenge static_dir: acme-challenge mime_type: text/plain
I just created files in a directory called
When I ran the
referenced this issue
Nov 2, 2016
All the replies here really helped thanks. I ended up forking letsencrypt-nosudo and writing a teeny handler that would accept well known facts (password protected) and managed to automate almost all the process.
You can see the results here
When the cert signer needs well known facts to be served, it posts them to your app engine (no need to keep deploying for each hostname to serve from). Right now I'm putting the result in