Using app engine for a SAAS with custom domains and SSL
207 views
Skip to first unread message
tom berwick
Sep 25, 2019, 4:37:26 PM9/25/19
to Google App Engine
Hi,
I'm currently in the process of putting together a SAAS offering that will give users a unique url e.g app.com/username
I want the ability to allow them to use their own custom domain. I obviously want to use SSL/https for this but also require as little work as possible on the users part. Possibly only updating some DNS records such as a cname etc.
For the certificates I planned to use LetsEncrypt and by the looks of things I will need to use a separate server to issue the certificates and then use the REST api to send them to gcloud. However one issue I will run into is that I won't be able to verify the custom domains of the other users. I could, in theory create each user their own subdomain e.g username.app.com for them to cname to if this makes things easier? Or should I actually use A records and point them to my app engine instance that way?
Is there a way to do this with App Engine? I'm not all up to date with containers etc. and App Engine is perfect for me in terms of the scaling factor without having to worry about infrastructure. But I'm wondering if I'm barking up the wrong tree in trying to achieve what I want.
I think I'll have to use DNS validation from a LetsEncrypt side as well as HTTP validation won't work as I won't be able to create the required challenge files on the app engine server either for each domain.
I want the ability to allow them to use their own custom domain. I obviously want to use SSL/https for this but also require as little work as possible on the users part. Possibly only updating some DNS records such as a cname etc.
For the certificates I planned to use LetsEncrypt and by the looks of things I will need to use a separate server to issue the certificates and then use the REST api to send them to gcloud. However one issue I will run into is that I won't be able to verify the custom domains of the other users. I could, in theory create each user their own subdomain e.g username.app.com for them to cname to if this makes things easier? Or should I actually use A records and point them to my app engine instance that way?
Is there a way to do this with App Engine? I'm not all up to date with containers etc. and App Engine is perfect for me in terms of the scaling factor without having to worry about infrastructure. But I'm wondering if I'm barking up the wrong tree in trying to achieve what I want.
I think I'll have to use DNS validation from a LetsEncrypt side as well as HTTP validation won't work as I won't be able to create the required challenge files on the app engine server either for each domain.
Has anyone done anything similar?
Otherwise my only other idea is having a single server responsible for creating the certs which can template the virtual hosts, but even then I don't think the cname redirects will work for all the custom domains on App engine as I won't be able to verify them.
I would love to know how things like app engine and firebase actually achieve this.
Thanks
George (Cloud Platform Support)
Sep 26, 2019, 2:49:16 PM9/26/19
to Google App Engine
Hello Tom,
The process of registering a custom domain for your appspot.com site is fraught with delays that would cause your described automatic procedure to fail. You may gather related detail on the "Mapping Custom Domains" documentation page.
This discussion group is oriented more towards general opinions, trends, and issues of general nature touching the app engine. For coding and program architecture, as well as setting custom domains set up, you may be better served in dedicated forums such as stackoverflow, where experienced programmers are within reach and ready to help.
Reply all
Reply to author
Forward
0 new messages