Editing domains in a Google Managed SSL Certificate
2,058 views
Skip to first unread message
Daniel Krause
Jan 28, 2020, 10:01:56 AM1/28/20
to Google Cloud Developers
Is it possible to edit a managed SSL cert.
ie adding or deleting domains that are linked to a specific cert
I know this can be done with Letsencrypt so I assume this should be possible, but I do not see any way at present to do this
Having to delete and recreate certificates to add/delete domains would be rather painful
noverlyjoseph
Jan 30, 2020, 8:49:01 AM1/30/20
to Google Cloud Developers
With Google-managed SSL, you don't have to manually renew the certificate. They will be renewed automatically as you can see here[1]
[1] https://cloud.google.com/load-balancing/docs/ssl-certificates#google-managed_ssl_certificate_renewal
[1] https://cloud.google.com/load-balancing/docs/ssl-certificates#google-managed_ssl_certificate_renewal
Daniel Krause
Feb 3, 2020, 10:03:50 AM2/3/20
to Google Cloud Developers
I'm not referring to renewal of the cert, I am talking about adding and removing domains to an existing certificate.
Each cert can contain 100domains, if I create a cert and only add 50domains, how to I expand that cert post-creation with additional domains
Dattu Pragnu Nellutla
Feb 3, 2020, 7:44:47 PM2/3/20
to Google Cloud Developers
Currently, as per GCP documentation[1] I could see that each certificate can be associated with 100 Domains. However, we don't have an “update command”[2] to update the managed certificates.
This being said, if you wish to update the domains in the SSL certificate, you could create a new google managed certificate and associate with all the existing and new domains. Once the certificate status shows active you can delete the older certificate.
[1]Self-managed and Google-managed SSL certificates
https://cloud.google.com/load-balancing/docs/ssl-certificates#certificate-types
[2]Commands for ssl certificates
https://cloud.google.com/sdk/gcloud/reference/beta/compute/ssl-certificates
Daniel Krause
Feb 4, 2020, 8:54:26 AM2/4/20
to Google Cloud Developers
Thanks, I had thought of trying this out
The only problem with this method, it means that you would need to keep one spare cert open at all times, which effectively means a loss of 100 potential domains
We are expecting 900-1200 domains for our platform so this is quite a loss
We are expecting 900-1200 domains for our platform so this is quite a loss
Hopefully this feature will still be implemented
Daniel Krause
Feb 4, 2020, 8:54:26 AM2/4/20
to Google Cloud Developers
Should anyone have a similar need I have submitted a feature request for this
https://issuetracker.google.com/issues/148809372
https://issuetracker.google.com/issues/148809372
On Tuesday, February 4, 2020 at 4:44:47 AM UTC+4, Dattu Pragnu Nellutla wrote:
Roldan Vallejo
Feb 4, 2020, 3:18:02 PM2/4/20
to Google Cloud Developers
Thank you for your notification. If you want to be automatically notified of any updates you can "Star" the Feature Request and you'll receive an email message. Otherwise you can simply visit the link periodically and check if there's anything new. It's worth noting that at the moment there's no ETA for the availability of this feature.
Reply all
Reply to author
Forward
0 new messages