Skip to content
This repository has been archived by the owner on Aug 23, 2018. It is now read-only.
/ certbot-gae Public archive

Let's Encrypt Certbot for usage in Google Cloud Shell for Google App Engine.

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

LowieHuyghe/certbot-gae

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits

bin

bin

 
 

config

config

 
 

logs

logs

 
 

work

work

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

certbot-auto-gae

certbot-auto-gae

 
 

fix-privkey-gae

fix-privkey-gae

 
 

Repository files navigation

Certbot GAE

Let's Encrypt Certbot for usage in Google Cloud Shell for Google App Engine.

By default Certbot is not usable in Google Cloud shell as the machine resets after some time. This will help you with that.

Installation

  1. Open up Google Cloud Shell in Google Cloud Console.
  2. Clone the project somewhere in your home-directory:
git clone git@github.com:LowieHuyghe/certbot-gae.git
  1. Move into the new directory:
cd certbot-gae
  1. certbot-auto-gae and fix-privkey-gae should be executable by default. If not, run:
chmod a+x certbot-auto-gae fix-privkey-gae
  1. Run certbot-auto-gae like you would run certbot-auto

Note: The directory should be located in the home-directory. The machine resets after some time only leaving the home-directory intact. We need the intact directory so we don't lose your config and accounts.

Usage for Google App Engine

  1. Start requesting an SSL-certificate:
certbot-auto-gae certonly --manual

Answer the initial questions, supply your domains and stop at the moment you have to serve the acme-challenges on the web-server. Don't press Enter till it does so. 2. In another terminal, add the following handler to the app.yaml of your application:

- url: /\.well-known/acme-challenge/([\w\d_-]+)$
 static_files: public/.well-known/acme-challenge/\1
 upload: public/\.well-known/acme-challenge/([\w\d_-]+)$
 secure: optional

This will make the acme-challenges accessible. 3. Add the acme-challenges provided by the certbot to your application:

printf "%s" acme-challenge-content > public/.well-known/acme-challenge/acme-challenge-file
  1. Deploy the app to Google App Engine and make sure that the acme-challenge is reachable and correct.
  2. Go back to the certbot waiting for your approval to check, and press Enter.
  3. If everything went well, the new certificate will be located in config/live/yourdomain.com.
  4. In Google App Engine, you can serve the fullchain.pem-file as public key certificate, and the privkey-rsa.pem-file as RSA private key to your new SSL-certificate. Detailed instructions on how to do this can be found in the Official Documentation.
  5. Browse secure!

Note: Google App Engine expects an RSA private key instead of the default private key given by Let's Encrypt. The default key should be converted to an RSA key by fix-privkey-gae in certbot-auto-gae. If not, run fix-privkey-gae to convert the existing private keys.

Sources

About

Let's Encrypt Certbot for usage in Google Cloud Shell for Google App Engine.

Topics

letsencrypt certificate google-appengine certbot google-app-engine

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages