I subscribed to Google cloud computing engine, I just want to ask is there free SSL CERT ? because I want my website to run https .
Thank you in advance.
letsencrypt and renew it every 3 months or setup script for automatic renewal, or just pay a few dollars to get proper SSL. I found one only $3.88/year, just try to google for it.
Related
I want to deploy a ReactJS application on the AWS S3 (which I managed to do successfully). Now I need to make it HTTPS with lowest cost possible. How can I do this? A quick google search gave me something called Amazon CloudFront I am confused over there that do I need to have a Dedicated IP SSL Certificate to deploy my react application with HTTPS ?
I have referred to this question on deployment with S3.
Thanks
If you are trying to find things in detail, You can have a quick look here. Its just 2 minute reading and cover following things.
React Js deployment with Https cloud front
Subdomain
Configure AWS CLI and deploy build through command
https://bluebash.co/blog/react-deployment-with-aws-ssl-https-with-subdomain/
Answer to Why We need to use Cloudfront is :
Note: We need to do this because SSL certificates can only be assigned to cloudfront distributions or AWS ELB, so you need to create
one to enable SSL for your static website.
There are few steps involved in this , assuming you have site properly set up with HTTP end working here are some steps :
1) You need to Request SSL Certifcate from AWS (ACM) it is free and you would not be chraged for this you follow this AWS Documentation
Enter one or more domain names, you want to create a SSL certificate
for. You can even use a wildcard.
Verify the email you will get to email address associated witht the
domain.
Note: Choose Region as per your s3 bucket as Cloudfront only accepts certificates hosted in region us-east-1
2) Now you need to create Cloudfront Distribution :
Create a new Web distribution and select your S3 bucket as Origin
Domain Name. Select HTTPS Only for Viewer Protocol Policy.
In the Distribution Settings section enter your domain name you want
to host your static files on.
Beside that keep all the default settings and click “Create
distribution”.
3) Now Assign the SSL certificate to your Cloudfront distribution
Go back to Cloudfront and edit your distribution. Now you should be
able to select your brand new SSL certificate.
Hope This Helps..
My website runs on Google App Engine and is so far accessed via HTTP. I would like to change that to HTTPS. However, using the appspot.com domain instead of my own domain is not an option for me.
Is there any straightforward way to do so without having to deal with manually managing (updating etc.) certificates?
Now, when you build apps on App Engine, SSL is on by default — you no longer need to worry about it or spend time managing it. We’ve made using HTTPS simple: map a domain to your app, prove ownership, and App Engine automatically provisions an SSL certificate and renews it whenever necessary, at no additional cost. Purchasing and generating certificates, dealing with and securing keys, managing your SSL cipher suites and worrying about renewal dates — those are all a thing of the past.
To get started with App Engine managed SSL certificates, simply head to the Cloud Console and add a new domain. Once the domain is mapped and your DNS records are up to date, you’ll see the SSL certificate appear in the domains list. And that’s it. Managed certificates is now the default behavior — no further steps are required!
https://cloudplatform.googleblog.com/2017/09/introducing-managed-SSL-for-Google-App-Engine.html
No. You have to buy and upload your own certificate. The process is quite straightforward, though.
Hello people and GAE/Google Apps for Business support,
We can´t configure SSL for our custom domain. Our project number is 340915567134
We follow https://support.google.com/a/answer/2644334?hl=en ; but the "show more" link do not appear.
We follow https://developers.google.com/appengine/docs/ssl but again; we do not see it in the Google Apps for Business new control panel (security).
We have the DNS ready and verify; we have the GAE project runnig, we have billing in Google Apps and GAE.
We do not know what can be. The only thing we see in the official documentation of GAE is
"You must have an App Engine application with billing enabled that has
cleared at least one billing charge; use this application when
enabling SSL."
The question is: must we wait for the first month to pay and then the option will be enabled (show)??
Thank you in advance,
carlos
I carlos.
To do that I use a cluodflare account Pro. It cost 20$ per month for the first domain and 5$ per month by supplementary domain. You benefit of SSL encryption with your domain name without bye a personal certificate. In more Cloudflare provide services like DDOS protection, SPDY protocol, caching system for your site, ...
I followed the steps detailed here to use a custom domain with google app engine.
I'm the admin of the Google Apps account
I'm the owner of the Google App Engine account
I've added the domain to my Google Apps account through my App Engine account
I see my App Engine app in my Google Apps account
I set the CNAME "test" to point to ghs.googlehosted.com
I added the web address under my Google Apps account and it says "Your users can access my-app-id at: test.mydomain.com
Now when I go to http://test.mydomain.com, it redirects to https://test.mydomain.com and I get an SSL connection error (Unable to make a secure connection to the server.)
I called Google Apps customer support because I have a paid business account, but the customer service guy said that this falls under App Engine support and he was not trained in this issue.
Help!
If you've done everything correctly, you should be able to access your site at http://test.mydomain.com. It sounds from the error you're getting that you're attempting to access it at https://test.mydomain.com (https as opposed to http).
If you want to access your app over SSL at your custom domain, you have more setup to do, as documented here: SSL for a Custom Domain. The steps necessary are many and subject to change; that link is the official source of current information on the matter.
Update: From your updated information, it sounds like you may have secure: always set in your app.yaml, or the Java-configuration equivalent of this setting. It would be helpful if you posted your configuration file.
Also note that it takes several minutes for Google to add a certificate on a domain you recently imported (it may require time for DNS configuration to spread). I personally didn't need to add any secure: configuration, it just worked after some time.
We are starting a very large web based service project. We are trying to decide what hosting environment to use. We would really like to use Google App Engine for scalability reasons and to eliminate the need to deal with servers ourselves.
Secure logins/registrations is very important to us, as well as using our own domain. Our target audience is not very computer savvy. For this reason, we don't want to have the users have to sign up with OpenID as this can't be done within our site. We also do not want to force our customers to sign up with Google.
As far as I can see, I am out of luck. I am hoping to have a definite answer to this question. Can I have an encrypted login to our site accessed via our domain, without having to send the customers to another site for the login (OpenID/Google).
Thanks.
The hardest part is getting around the cookie issue. While you can do secure and custom logins against https://yourdomain.appspot.com, you cannot set a cookie there that will work on http://yourdomain.com.
Here is what I propose:
When you need to log the user in, send them to https://yourdomain.appspot.com. If they enter the credentials properly, create a one-time token and place it either in the datastore or in memcache. Give it a lifetime of a few seconds.
Then redirect the user back to http://yourdomain.com/authenticate?token=mytoken (obviously substitute the names as appropriate), check to make sure that the token is valid and has not expired, and if all is clear, set the appropriate cookies and expire the token.
I think that'd work just fine. Hope it helps!
As of June 27, 2012, App Engine supports SSL for custom domains.
http://googleappengine.blogspot.com/2012/06/google-app-engine-170-released-at.html
There is nothing stopping you from creating your own authentication/registration mechanism with Google App Engine. The only problem is that Google App Engine currently only supports HTTPS via https://yourid.appspot.com and not your Google Apps Domain (i.e. https://www.foobar.com). However, this is on the product roadmap for future support (SSL for third-party domains). Note, also on the product roadmap is built-in support for OAuth & OpenID.
Update: Another option may be to use a proxy server (like Apache with mod_proxy) and map your domain to the proxy server and then the proxy server can proxy the HTTP and HTTPS requests to Google App Engine. The requests could be proxied to the appspot.com domain behind the scenes. I haven't actually done this, but I believe it should work. However, this would give you a single point of failure at the proxy server which basically defeats the purpose of Google App Engine's high-availability and scalability. This would definitely just be a short-term solution until Google supports SSL for third-party domains or OpenID.
Depending on whether your threat model can accept a non-encrypted link on the "last hop" to GAE, you can use a proxy to handle SSL from the browser. Here's a HOWTO I wrote up on using CloudFlare to get always-on SSL:
http://blorn.com/post/20185054195/ssl-for-your-domain-on-google-app-engine
This isn't structurally any different than the way SSL from Google will work, it's just that Google-provided SSL will terminate within G's network rather than just outside it. If you're trying to protect against Firesheep, CloudFlare (or any other SSL proxy) will do fine. If you're worried about snoops on the trunk connection between CF and Google, you may want a more sophisticated solution.