> Done! Your site is now HTTPS protected! Don’t forget to renew your cert in 3 months
This is not how Let's Encrypt is designed to work. Manually registering and then deploying a certificate and saying "don't forget to renew" does not make for a particularly high quality post.
Agreed! I also wish there was an automated way to renew! However currently there isn't, and I doubt building out the tooling is worth it given Google appears to be working on an integration themselves: https://issuetracker.google.com/issues/35900034 -- in the intermediate, I still need certificates though.
"LetsEncrypt issues SSL certificates by automatically verifying that you have ownership of the domain you claim you have."
Let's Encrypt does not verify ownership of domains. We verify control.
This is a common mistake, but the difference between ownership and control is significant so I'm just pointing this out for general educational purposes.
The fact that setting up SSL on Google's platform in 2017 requires reading a long article and repeating steps is really bad publicity - if this post is official it ought to be embarrassing. AWS, Heroku, Cloudflare have all moved on to automated certificate management for all their hosted services.
For the Container Engine part of GCP (and any Kubernetes installation really), this project automates everything away : https://github.com/jetstack/kube-lego
+1 well worth checking this tool out. Saved me a lot of effort setting up a GCP Kubernetes deployment two months ago. So far it has been a matter of set it and forget it.
I recently moved my static site from app engine to S3 and cloudfront so I could take advantage of ACM certificates (as well as playing around with some more terraform).
What's the advantage of running the API in google app engine as opposed to a google cloud VM instance that you can just SSH into? Setting up letsencrypt on a VM instance is 10x easier than this (and in my experience everything else you need to do is 10x easier).
[+] [-] RKearney|8 years ago|reply
This is not how Let's Encrypt is designed to work. Manually registering and then deploying a certificate and saying "don't forget to renew" does not make for a particularly high quality post.
[+] [-] tomasreimers|8 years ago|reply
[+] [-] charlieegan3|8 years ago|reply
[+] [-] jaas|8 years ago|reply
Let's Encrypt does not verify ownership of domains. We verify control.
This is a common mistake, but the difference between ownership and control is significant so I'm just pointing this out for general educational purposes.
[+] [-] tomasreimers|8 years ago|reply
[+] [-] sudhirj|8 years ago|reply
http://docs.aws.amazon.com/acm/latest/userguide/acm-overview...
https://devcenter.heroku.com/articles/automated-certificate-...
https://www.cloudflare.com/ssl/
[+] [-] advisedwang|8 years ago|reply
[+] [-] tomasreimers|8 years ago|reply
[+] [-] renaudg|8 years ago|reply
[+] [-] basetensucks|8 years ago|reply
[+] [-] charlieegan3|8 years ago|reply
I recently moved my static site from app engine to S3 and cloudfront so I could take advantage of ACM certificates (as well as playing around with some more terraform).
[+] [-] mikecb|8 years ago|reply
[+] [-] emddudley|8 years ago|reply
[+] [-] advisedwang|8 years ago|reply
[+] [-] bg0|8 years ago|reply
This being said, I appreciate the tutorial.
[+] [-] superasn|8 years ago|reply
[+] [-] tomasreimers|8 years ago|reply
[+] [-] danielecook|8 years ago|reply
[+] [-] hatstand|8 years ago|reply
Currently relies on a fix to the appengine go SDK though: https://github.com/golang/appengine/pull/82
[+] [-] sercand|8 years ago|reply
[+] [-] unknown|8 years ago|reply
[deleted]
[+] [-] unknown|8 years ago|reply
[deleted]
[+] [-] finnn|8 years ago|reply
wow fuck medium
[+] [-] 43224gg252|8 years ago|reply
[+] [-] bg0|8 years ago|reply