The SSL certificate provided could not be inserted
1,693 views
Skip to first unread message
Feng Zhou
Mar 28, 2016, 4:14:07 PM3/28/16
to Google App Engine
I use google app engine trying to add ssl for custom domain. I use naked domain. After "PEM encoded X.509 public key certificate" and "Unencrypted PEM encoded RSA private key" uploaded. "The SSL certificate provided could not be inserted." is returned. I use https://www.sslchecker.com check private key/ssl match. It matches. What's wrong? I use key size "RSA 2048", nothing wrong ordering the concatenated certificates. Thank you.
Also, I raised spending limit on application setting. doesn't work.
Nicholas (Google Cloud Support)
Mar 29, 2016, 12:16:08 PM3/29/16
to Google App Engine
Thanks for posting your issue here.
- Can you provide a screenshot of this error?
- Do you get a different error message when pasting the contents of the files directly in their respective text boxes?
- Does your certificate and key meet all of the requirements for App Engine?
- Have you had any success with a different certificate/key?
- If not, what tool and guide are you using to create your certificate/key if self-signed?
This will help gives us a little more context to better understand what might be causing this issue.
Feng Zhou
Mar 29, 2016, 12:37:33 PM3/29/16
to Google App Engine
Thanks your answer.
The problem solved. I searched online and find answer at stackoverflow:
openssl rsa -in privateKey.key -text > private.pem
openssl x509 -inform PEM -in www_mydomain_com.crt > public.pem
These 2 command helps.
Nicholas (Google Cloud Support)
Mar 29, 2016, 12:49:07 PM3/29/16
to Google App Engine
Thanks for providing the solution here publicly. Would you mind mentioning what you were doing differently before so that others may better understand the solution your found?
On Monday, March 28, 2016 at 4:14:07 PM UTC-4, Feng Zhou wrote:
Feng Zhou
Mar 29, 2016, 12:55:34 PM3/29/16
to Google App Engine
Before I run these two command, I upload .crt and .key file. But actually these two files need format change to .pem file although they looks same in editor before/after format change.
Aleksey Popryadukhin
May 4, 2016, 4:46:37 AM5/4/16
to Google App Engine
I faced with the same issue. I converted the private key to rsa using this command:
openssl rsa -in private.key -out private.key.pem
And tried this command:
And tried this command:
openssl x509 -inform PEM -in www_mydomain_com.crt > public.pem
But without any success. I used this guide to issue and create certificates:
Could you provide the steps that you did?
вторник, 29 марта 2016 г., 11:37:33 UTC-5 пользователь Feng Zhou написал:
k2s
May 21, 2016, 7:20:05 PM5/21/16
to Google App Engine
I had this issue and fixed it by:
* convert private key: openssl rsa -in privkey.pem -inform pem -outform pem > gae_private.pem
* make sure that your key is RSA <=2048 bits, it is bolded here https://cloud.google.com/appengine/docs/python/console/using-custom-domains-and-ssl#app_engine_support_for_ssl_certificates
I generated my keys with https://github.com/lukas2511/letsencrypt.sh and it is pre-configured to use KEYSIZE=4096.
Dňa pondelok, 28. marca 2016 22:14:07 UTC+2 Feng Zhou napísal(-a):
Punit Pandey
Jul 29, 2016, 5:50:38 AM7/29/16
to Google App Engine
During concat process, order of certificates need to be as follows -
- 1. domain cert
- 2. intermediate cert
- 3. ca cert
Manfred Rotgers
Aug 18, 2016, 11:00:32 AM8/18/16
to Google App Engine
Any idea when certificates with key modulus 3072 bits are accepted?
Our company only use these kind of certificates, so for now we can not use this in app engine?
Reply all
Reply to author
Forward
0 new messages