I'm trying to install ssl certificates created using the ZeroSSL.com page for Let's Encrypt, into the Google Cloud Platform. I followed the FREE SSL Certificate Wizard to do so. The ZeroSSL page generates four files in the process: domain-crt.txt domain-key.txt account-key.txt domain-csr.txt
The google Cloud Platform asks for two files: PEM encoded X.509 public key certificate Unencrypted PEM encoded RSA private key
I've made all the combinations, and followed all suggestion I could find in the web, but I had no success.
ZeroSSL is almost the same as Letsencrypt: support unlimited 90days certs, including wildcard certs. Full ACME compatible. Aaaaalmost the same, except wildcard certificates aren't free, certificates with more than a single hostname in the SAN aren't free, more than 3 certificates aren't free.
In fact, Let's Encrypt just issued their billionth (!) certificate. Google has been an active supporter of Let's Encrypt because we believe the work they do to make TLS accessible is important for the security and resilience of the Internet's infrastructure. Keep rocking, Let's Encrypt!
I asked this to the zeroSSL people, and Alexander answers me with the solution.
SSL Certificate Wizard generates a longer more secure 4096 bits key by default, but Google only accepts 2048 bits key. So you should generate the new CSR separately first by using CSR Generator at https://zerossl.com/free-ssl/#csr and making sure you select 2048 bits. Then download the produced key and CSR (please note that this is the domain key, not the LE key) and then use the same LE key as you used originally and this new CSR with the SSL Certificate Wizard. At the last Wizard step, you might need to split the domain-crt.txt file in two. The first part between ---BEGIN CERTIFICATE----- and ---END CERTIFICATE----- will go into "Public key certificate" field. Finally, the content of domain-key.txt should be pasted into "Private key" field.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With