SSL for Naked Domain on Existing Project
Devel63
Mohammad I (Cloud Platform Support)
It is appearing the naked custom domain has already been mapped. You can verify that by running the GCLOUD command “gcloud app domain-mappings list” which should show the list of your domains, subdomains and their corresponding certificates or you can run the GCLOUD command “gcloud domains verify DOMAIN” to verify your domain is registered as verified by Google Cloud Platform. After that you can upgrade to Google managed SSL certificates using the GCLOUD command “gcloud app domain-mappings update DOMAIN --certificate-management='AUTOMATIC'” following the instructions outlined here. If you are using your own SSL certificates you should follow the instructions outlined here. After that you should be able to redirect the naked domain to HTTPS on the naked domain.
I have noticed that you have shared your personal information like “Project Id” and custom domain in this Google Groups post. I would advise you to take caution before sharing any personal or project specific information like these in any public forums as they can be used to harm your application.
Dan Stickel
--
You received this message because you are subscribed to a topic in the Google Groups "Google App Engine" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/google-appengine/XNefdPm_jkk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to google-appengi...@googlegroups.com.
To post to this group, send email to google-a...@googlegroups.com.
Visit this group at https://groups.google.com/group/google-appengine.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/05a963c9-0e1b-4b45-83c5-d7fc1c9f646f%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Mohammad I (Cloud Platform Support)
Hello,
I have mainly given you the instructions outlined from two to four of the sections “Adding a custom domain for your application” of the document that you shared. I have noticed that you are using original App Engine SDK which does not have gcloud commands. As a possible workaround you can download Google Cloud SDK for Python from here in a different machine and try to run the gcloud commands. Unfortunately, I do not have the privilege to run the command for you.
On Wednesday, December 12, 2018 at 11:33:07 PM UTC-5, Devel63 wrote:
@Mohammad I, thanks for the response. I think the screen capture shows that we are already using Google managed security. Everything is working except the https://mydomain.comwww.mydomain.com, https://www.mydomain.com, mydomain.com ... all work and end up on https://www.mydomain.comOnly https://mydomain.com does not work.Given that, do you think your advice will still work? Unfortunately, I cannot use gcloud commands, as I use the original App Engine SDK, and will lose access to the appcfg command if I overwrite it with the GCloud SDK (https://cloud.google.com/appengine/docs/standard/python/download bottom of page). Is there another way to do this, or can you do it for me?
On Wed, Dec 12, 2018 at 10:05 PM 'Mohammad I (Cloud Platform Support)' via Google App Engine <goo...ine@googlegroups.com> wrote:
--It is appearing the naked custom domain has already been mapped. You can verify that by running the GCLOUD command “gcloud app domain-mappings list” which should show the list of your domains, subdomains and their corresponding certificates or you can run the GCLOUD command “gcloud domains verify DOMAIN” to verify your domain is registered as verified by Google Cloud Platform. After that you can upgrade to Google managed SSL certificates using the GCLOUD command “gcloud app domain-mappings update DOMAIN --certificate-management='AUTOMATIC'” following the instructions outlined here. If you are using your own SSL certificates you should follow the instructions outlined here. After that you should be able to redirect the naked domain to HTTPS on the naked domain.
I have noticed that you have shared your personal information like “Project Id” and custom domain in this Google Groups post. I would advise you to take caution before sharing any personal or project specific information like these in any public forums as they can be used to harm your application.
On Sunday, December 9, 2018 at 9:07:19 PM UTC-5, Devel63 wrote:We have an existing app engine project started a number of years ago. It serves managed security HTTPS on the www subdomain.
At the time of creation, naked domains were not supported. The instructions only cover how to do that for a new project, and don't work for an existing one.Following the clues in the instructions, we added the 4 AAAA records to our DNS provider (a "new" requirement), and now the HTTP naked domain redirects to HTTPS for www, which is good. But we'd like it to do the same thing for HTTPS on the naked domain, and that gets an ERR_CONNECTION_CLOSED.We tried adding the naked custom domain via the console, but that doesn't work because it's already at least partially mapped:
What can we do to get the naked domain working with HTTPS?
You received this message because you are subscribed to a topic in the Google Groups "Google App Engine" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/google-appengine/XNefdPm_jkk/unsubscribe.
To unsubscribe from this group and all its topics, send an email to google-appengine+unsubscribe@googlegroups.com.
To post to this group, send email to goo...ine@googlegroups.com.