SSL certificate for custom domains in GoogleApps
126 views
Skip to first unread message
Xevi Farrarons Clusella
Aug 13, 2015, 6:07:32 AM8/13/15
to Google App Engine
Hi,
I'm trying to add a SSL certificate to our custom domain through GoogleApps, but I cannot.
When I'm adding the SSL certificate, it appears an error like "the ssl certificate references subdomain outside of managed domain".
Currently we're using GoogleApps for one domain, the first one. The custom domain is not the first domain, just bought it to use on that specific GAE app. So, my question, does I need to open a new account to GoogleApps for that custom domain and then assigning the GAE app to that new account?
Or somebody with the same issue adding a SSL certificate to custom domain in GoogleApps ?
Thanks,
Xevi
Nick
Aug 13, 2015, 3:54:40 PM8/13/15
to Google App Engine
You can use an SSL certificate for a domain alias in Google apps.
First add and verify the domain as an alias domain of your apps account, then follow the normal procedure of adding the app and cert.
Be aware that you cannot send email from the alias domain without adding specific users as Appengine users. You could also look at mailgun or sendgrid etc.
Xevi Farrarons Clusella
Aug 13, 2015, 5:05:35 PM8/13/15
to Google App Engine
Hi Nick,
Thanks for your answer :) It's great to know that I should be able to add the SSL certificate for the alias domain.
Let me explain better:
I follow this procedure: https://support.google.com/a/answer/2644386?hl=en
The domain alias is verified.
But I stuck at point 4. When I press the upload button, it appears a message saying: "the ssl certificate references subdomain outside of managed domain". At the link, where you could read: appenginetest.com, in our case our main domain, but not the alias domain. I think that this is the issue, we cannot select for which domain..
What do you think, how could you add the SSL for the alias domain?
Thanks in advance,
Xevi
Nick (Cloud Platform Support)
Aug 17, 2015, 7:00:28 PM8/17/15
to Google App Engine
Hi Xevi,
I think the error message might be saying your certificate contains references to domains which aren't on your verified domain. You should double-check your certificate and check not only the main domain but also any SubjectAltNames.
I think the error message might be saying your certificate contains references to domains which aren't on your verified domain. You should double-check your certificate and check not only the main domain but also any SubjectAltNames.
Xevi Farrarons Clusella
Aug 18, 2015, 4:12:24 AM8/18/15
to Google App Engine
Hi Nick,
Thanks for your answer. The problem could be what you say.
But I just checked the "Active" in the Admin console -> Domains. The domain is active, I think no more actions are required. Is there any other option to make a reverify? What do you mean by checking the "SubjectAltNames (SAN)"?
I bought the domain in Dinahosting, could it be this the problem?
Thanks for your help.
Xevi
Patrice (Cloud Platform Support)
Aug 21, 2015, 2:06:16 PM8/21/15
to Google App Engine
Hey Xevi,
Maybe the following article will help you here :).
It will require openSSL, but will give you all you need to verify this afterwards.
Cheers!
Xevi Farrarons Clusella
Aug 25, 2015, 11:20:54 AM8/25/15
to Google App Engine
Hi Patrice,
Thanks for the tip but this doesn't fix our issue here. I've tried but nothing.
I see more a "GAE" bug or so.
Anyone has the same?
thanks,
Xevi
Nick (Cloud Platform Support)
Aug 31, 2015, 7:45:43 PM8/31/15
to Google App Engine
Hey Xevi,
Nick
You should look up SubjectAltName on google. Perhaps your certificate is referencing subdomains which you haven't verified. Could you provide some screenshots if possible of what you're seeing?
Sincerely,
Nick
Reply all
Reply to author
Forward
0 new messages