How to Setup SSL on Google Cloud Platform (Part 2)

How to Setup SSL on Google Cloud Platform (Part 2)



This tutorial walks you through the process of creating a website on Google Compute engine virtual machine instance, configuring a load balancer, enabling Google managed SSL certificate, configuring the DNS zone and DNS records with the domain registrar.

This is the easiest way to setup SSL for any web server or API service.

#ssl #encryption

28 thoughts on “How to Setup SSL on Google Cloud Platform (Part 2)

  1. Break dows like this enormously helpful. I'm working hard to teach myself these things while going to school for design. The Prob with the school doesn't teach you how to maneuver the computer and set things up by yourself. But teaching myself online, everyone assumes you know the simple things, for example, if I need to get to my PHP for WordPress because I changed the URL on my site. So basically, The instructions say it's easy (talk about make me feel bad). You need to go in my PHP in ssh type in code, then I'm good. But…………. How do I get to the PHP and maneuver while I'm in there? These are the things that make working online extremely difficult. Customer Service forget about it, on most platforms; WordPress has no contact. They have forms, and people send you right back to the confusing directions. All I'm saying is thank you so so much for your videos. You are certainly helping people.

  2. Can internal http be turned into https ? see https://cloud.google.com/load-balancing/docs/l7-internal/

  3. It is dum idea to set ssl certificate compute engine. You should look at heroku. The way they do is very simple to set up ssl certificate within a few seconds.

  4. Thanks for the detailed tutorial. I have followed your previous tutorials and even this. But each time I point my domain to this SSL, I get an error like this and it stays for a long time:

    Error: Server Error

    The server encountered a temporary error and could not complete your request.

    Please try again in 30 seconds.

    Should I keep waiting for this? You can help me check from that end: jobreaders.org

  5. I can not even begin to explain how grateful I am. I deployed flask app and I have been trying to sort this out for days. Thank you!

  6. Thanks for the tutorial, it helped me understand how the requests are handled by the load balancing (and therefore troubleshooting errors).

    I know you said you don't like WordPress so I'll try to guide people who are having issues with a WordPress setup. From my (recent) experience it just requires one tweak for it to work :

    1) Make sure that your wordpress URL point toward your domain (with https://) it's pretty obvious but sometimes forgotten.
    2) You need to allow the health check in your Firewall (you can look up how to do it in the google official healthcheck tutorial : https://cloud.google.com/load-balancing/docs/health-checks#firewall_rules) and add these rules to your VM (the Target tag field)
    3) When you create your health check, unlike in this tutorial do not select HTTP, instead choose TCP on port 80 and leave the request path blank (you can add something but a blank health check should have a higher success rate)
    4) Your website should now load with a mix content error : simply add $_SERVER['HTTPS']='on'; in your wp-config.php and you should be all set

    This method worked for me on 2 differents VM instances using wordpress.
    In case you see errors when editing your posts, just update your permalinks (change something, save then change it back) and it should fix it (wordpress posts sometimes break when you update your home url).

    If your health check still fail :
    I found out that adding the load balancer IP address (without http or https) in the home url of wp_options via PhpMyAdmin will pass a HTTP health check. However this will break a lot of wordpress functions (like menu links, posts links, etc). So for the link issues, you will need to counterbalance them in your functions.php by rewriting links urls. It probably also have a lot of other yet unknown drawbacks so use this solution as a last resort.

  7. Thank you so much for these 2 tuts,
    I have 2vms
    1.Win server OS for web app
    2.linux for DB
    – I want to access the application through a domain instade of the vm static IP
    everything worked fine ( instance group, LB frontend, SSL cert., cloud DNS .. etc)
    [ the problem is my backend service status is unhealthy ]
    http and https rules
    IP : 0.0.0.0/0
    TCP : 80,442
    when I hit my vm static ip address directly the app works fine.

  8. Took away my down vote. This is a good instructional video. My problem was with the App I was using, Moodle. It was jacking up my https/http redirection. So When I went past https//billandteds.com/moodle to //billandteds/moodle/login at that point some of my content wasn't using ssl. It took me awhile to realize it was moodle bc I didn't know how to read the google loadbalancer logs which honestly were pretty bad.

  9. Hi! Please, tell how to allow HTTP & HTTPS Traffic in a Firewall, if those options are freeze?

    Thank you!

  10. So just to re-enstate my instance with the working WordPress install, I have had to delete everything i.e Instance group, Load Balancer, etc etc, but I still receive error <<<This site can’t be reached 35.243.202.221 refused to connect.>>>> @Macgyver: Please assist

  11. Hello mate, can you make tutorial, how to ponting a domain with google domain
    because i'm so confuse with google cloud
    the domain bnsholiday.com
    screnshoot Vm https://prnt.sc/ukudm8
    Cloud DNS https://prnt.sc/ukue6f External Ip https://prnt.sc/ukufgt
    Google Domain NS https://prnt.sc/ukueek
    Google Domain Record https://prnt.sc/ukuep7

    can you see, what problem with this

  12. Hello Macgyver, Thanks for sharing! Will, u pls kindly make a video on WordPress security on different levels respectively from infrastructure, operating software, software, apps, user PPI … etc., the whole package on security … Thanks in advance!!!

  13. This does not work with a wordpress instance (because it is managed and cannot be added to an unmanaged instance group)
    is there any solution?
    (I don't want use other certificate like lets encrypt, I would to use google certificate)

  14. I did all as you show. It doesn't work. Even when I enter static PI of balancer into browser – it gives 404

  15. The health check was fine when I initially set it up but now it's unhealthy and I can't fix it. Please help me with it. Thanks in advance

  16. i am getting this error ' 404. That’s an error.

    The requested URL / was not found on this server. That’s all we know.' kindly help

  17. Hi, how is it that I have a problem with the subfolders not loading? I get an error: "The requested URL / cosmos_2020 / users / login was not found on this server." … please help

  18. Hi Everyone here is very easy method for wordpress installation,SSL,filemanager,MySQL ,phpmyadmin everything without going through command and SSH stuff on Google Cloud .If you wan't to learn just reply me

  19. I don't know if it's just me but I am never given an option to add any of my existing instances to a new unmanaged group – which made this tutorial hard to follow along with. I feel I get the concept though and tried just recreating my setup inside of one of their Managed Groups and after a ton of work figuring out the whole cloud server exit hook to rename the hostname of the so call managed instance I was able to get IP_ADDRESS:2083 IP_ADRESS:2087 working but pointing the DNS records of domain.com to the load balancer public IP address just gave me 404 errors and ER__EmptyRespone
    It's made for a miserable week if you know what I mean

  20. Hello, I'm from PERU, my name is JEFFERSON JOB, I have a VM instance running on Google Platform and I just bought a domain, I saw your tutorials on the web but I don't speak much English, please maybe you can make a tutorial or you can help me put https to my platform, I hope you respond thanks.

Leave a Reply

Your email address will not be published. Required fields are marked *