I'm currently inside the 30-day free trial for Google Apps for business (billing set up, so will start non-free trial soon). I'm attempting to set up SSL for a custom domain for a Google App Engine app, but am a bit of a noob at this stuff and the files I've accumulated aren't accepted by the Apps submission form.
I went through the following process:
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
After filling in the cert. request information (with name www.mydomain.com), I had the two files CSR.csr and privateKey.key.
I used an SSL provider CheapSSLs.com to provide me with a certificate off this CSR.csr, and they've responded with a cert www_mydomain_com.crt
.
However, on going through Google Apps Dashboard -> Security -> SSL for Custom Domains and uploading www_mydomain_com.crt
and privateKey.key
I'm given the error:
Both the private key and SSL certificate should be in unencrypted PEM format.
Any help? As far as I can tell, they are in that format: the private Key looks like:
-----BEGIN PRIVATE KEY-----
MIIEv...
...
...CftTU=
-----END PRIVATE KEY-----
and the .crt file looks like:
-----BEGIN CERTIFICATE-----
MIIFy...
...
...WJjk=
-----END CERTIFICATE-----
The following Google services automatically issue, install, and renew SSL/TLS certificates at no additional cost: Google Sites. Google Business Profile.
Maybe this is because the browsers in many apps don't include indicators such as HTTPS, padlock, and the green address bar. But it doesn't take away from the fact that having SSL enabled is a must for Apps, be it any platform—Android or iOS.
This was answered by a friendly member of the community and then immediately deleted (not sure why...) but not before I spotted his answer and used it, to great effect :)
openssl rsa -in privateKey.key -text > private.pem
openssl x509 -inform PEM -in www_mydomain_com.crt > public.pem
The above two commands produce private.pem
and public.pem
, which are accepted fine by Google Apps dashboard.
Thank you!
For me, it was because my private.key was in the wrong format.
If your key starts with ---BEGIN PRIVATE KEY---
then you need to convert it to an RSA key.
openssl rsa -in private.key -out private_rsa.key
Then you should see ---BEGIN RSA PRIVATE KEY---
at the beginning of the private_rsa.key
which you use with GAE.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With