Setting up SSL certificate on Google Compute Engine

[Graphics Geeks]

My signing authority is asking for a CSR in PEM format.

How do I generate this for them?

And once I get my signed certificates, how do I install the certificates on my server?

And please, do not link to this webpage (I have read it a thousand times and it does not provide a clear process for installing SSL)

https://cloud.google.com/compute/docs/load-balancing/http/ssl-certificates

I've followed that guide and it leads nowhere. No files are sent to my computer. No CSR is printed onto the screen. Nothing happens.

I'm looking for a human being that can explain in terms a web developer (rather than a server geek) can understand.

[Karl MacMillan]

> On Jan 19, 2016, at 12:52 PM, Graphics Geeks <graphic...@gmail.com> wrote:
>
> My signing authority is asking for a CSR in PEM format.
>
> How do I generate this for them?
>
> And once I get my signed certificates, how do I install the certificates on my server?
>
> And please, do not link to this webpage (I have read it a thousand times and it does not provide a clear process for installing SSL)
>
> https://cloud.google.com/compute/docs/load-balancing/http/ssl-certificates
>
> I've followed that guide and it leads nowhere. No files are sent to my computer. No CSR is printed onto the screen. Nothing happens.
>

Are you able to follow the first few steps of the guide? Are you able to open a terminal on your platform?

If you have followed that guide then you have what you need, but it doesn’t print to the screen. It’s saved to a file (example.csr in the guide). You can view the file by typing ‘cat example.csr’. It will print the text including '-----BEGIN CERTIFICATE REQUEST-----'. Just copy that whole block of text.

Karl

[Graphics Geeks]

Ok, I have my CSR now.

But I don't really get this command:

gcloud compute ssl-certificates create SSL_CERTIFICATE --certificate CRT_FILE_PATH
    --private-key KEY_FILE_PATH

Once I get the KEY and CRT from the signing authority.....

How do I write the CRT_FILE_PATH and KEY_FILE_PATH? I mean, literally, what do I write in this command for the path?

Where do I put the files and what path do I type? I have FTP access to my server if that helps? I can put the files on my server somewhere if you can tell me where....

[George]

Hello,

As mentioned in this Help Center article, the certificate and the Key paths are the local path on the VM or the computer where you just created them. For example if they are created on the VM and they exist in the /etc/graphics directory the command will be:

gcloud compute ssl-certificate create CERTIFICATE_NAME --certificate /etc/graphics/certificate.crt --private-key /etc/graphics/key.pem

I hope this helps.

Sincerely,

George

[Graphics Geeks]

Thanks,

But now I get ERROR: (gcloud.compute) Invalid choice: 'ssl-certificate'. Did you mean 'ssl-certificates'?

And if I change it to say certificates I get:

ERROR: (gcloud.compute.ssl-certificates.create) Some requests did not succeed: - Insufficient Permission

[George]

Hello,

Did you authenticate? 

Run the following command:

gcloud auth login

Copy the link into your browser where you are logged in to your Cloud Console. Get the key and paste it in the terminal. Once done, run the gcloud compute ssl command again.

I hope this helps.

Sincerely,

George

[Graphics Geeks]

I'm speaking with globalsign who gave me my certificate. 

They are telling me the key file should be example.key that was used to generate the request?

Where do I find that? How do I get it?

[George]

Hello,

The example.key is the one you used to create your certificate. If you can't locate the file, then you need to create a new certificate.

Sincerely,

George

[Decor enginur]

Dear Team,

I have godaddy ssl certificate with me after following commands to create example.csr. Now I have the certificates from godaddy.

I dont have clue how to install on google cloud compute engine.

I am trying to create sll certificate resource but the command is not at all understanable

gcloud compute ssl-certificates create [SSL_CERTIFICATE] \
        --certificate [CRT_FILE_PATH] \

        --private-key [KEY_FILE_PATH]

What path to use . this crt file path is what? Is it the path on my computer where I have downloaded godaddy ssl certificate ?

private key path ?

After creating example.csr it is now pointing to ssl_cert directory in compute engine ssh.

Please guide is there any other method to follow for installing godaddy certificate or to use the resource command only?

If it is the only way please help with an example.Little elaborative. I am completely new and there is no video or resource which clearly explain this commands.

[Jason Buys]

This article on Stack Overflow - https://stackoverflow.com/questions/30075971/google-cloud-platform-cannot-get-https-ssl-working-on-wordpress-instance - was really helpful for me to get this setup.  I basically had to go in via SSH and manually edit the Apache config files and then restart Apache to get it to work.