0

we have a small project running on a GCP VM instance, listening on port 80. The VM has a public IP, say x.y.z.y, and proper rules to allow incoming traffic to ports 80 and 443 are in place.

What GCP services should I use if my goal is to make the application reachable via HTTPS, i.e: https://the.awesome.app ?

As a note, we own awesome.app domain name and, if needed, we would more than happy to move it to a Google operated DNS. On top of that we would also more than happy to let GCP to take care of the SSL certificates generation and renewal if this is possible.

Thx in advance for your advise.

danidemi
  • 4,404
  • 4
  • 34
  • 40
  • 2
    Your question lacks details on what is running on Compute Engine. You have several steps: a) configure DNS to point your domain to the VM (or a load balancer). b) configure HTTPS and a certificate in the web server (Let's Encrypt) or configure a load balancer in front of the VM. There are numerous tutorials available on how to configure a web server in Compute Engine and others on how to configure a load balancer. Follow one of the tutorials like "Setup Let's Encrypt in Ubuntu" or similar for your OS and web server. – John Hanley Jun 22 '21 at 18:00
  • Hi there! Google offer [managed SSL certificates](https://cloud.google.com/load-balancing/docs/ssl-certificates/google-managed-certs) but only for HTTPS LB and SSL Proxies. If you are willing to set up a LB and a Managed Instance Group I think you may use this SSL certificates. – Armando Cuevas Jul 27 '21 at 19:39
  • @ArmandoCuevas - SSL certificates do not determine or affect the ciphers that are offered by the TCP stack. For HTTP(S) load balancers, the only configurable item that will affect ciphers is TLS Policy. – John Hanley Jul 27 '21 at 20:09

0 Answers0