I think my problem is the same as this one: (sorry for the duplicate)
Google Cloud Platform Bucket: serving content with custom domain over https
But, here my settings.
First, I created a custom subdomain : cdn.domain.com to have a SSL certificat. (to use it after)
I created a bucket, named cdn.domain.com
I created a Cloud DNS and add a A record to point to my load balancer's IP
And here is my load balancer configuration:
Http and HTTPS (with my certificat)
HTTPS certificat
So, is that possible to help me to setting my CDN please ?
https://35.227.242.87/web/build/css/select2.min.css it is unsecure :/
Change Google IP by my custom domain cdn.domain.com ?
https://cdn.domain.com/web/build/css/select2.min.css is that possible ?
Thank you very much.
[SOLVED] 2018-04-18
I did it. So, this is my configuration:
1 SSL certificat for my domain (cdn.domain.com)
no custom domain in google cloud
Added a load balancer with HTTP & HTTPS protocol and static IP on my bucket storage.
changed my domain DNS (cdn.domain.com) to point to my load balancer static IP
It's done and it works, very easy :)
Related
I have set up a CDN by following this document: https://cloud.google.com/cdn/docs/setting-up-cdn-with-bucket
http (with port 80)
https (with port 443) with a google-managed certificate
example.com is pointing to the load balancer's ip adress (google domains)
the certificate says example.com is active
simple index.html is in the backend bucket
I can load http://example.com fine but it is insecure. When I load https://example.com on chrome I get the following:
This site can’t provide a secure connection
mydomain.com uses an unsupported protocol.
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
Can somebody help me set up Cloud CDN with https using GCP storage?
EDIT: trying adding AAAA following How do you serve a static website using Google Cloud CDN, Google Cloud Storage, and a custom domain?
Requestor Pays was already off
The permission was to allUsers with Storage Object Viewer
EDIT2: adding AAAA didn't work for me
EDIT3: Got rid of AAAA. It is working now... I guess it takes quite long
Yes, depending on your domain provider. Normally, the longest takes up to 78 hours.
You need to enable the http-https redirect. You need to configure the http frontend, and there you have the option to enable the http-https redirect.
I would assume that you did not add the external IP of the Load Balancer as one of the domains accepted by your SSL certificate (and you shouldn't have to), so it will not really load the page via https://(LoadBalancer-IPAddress)
Hi I have a domain name which is registered with https://www.networksolutions.com/. I have added nameservers which were mentioned in the Cloud DNS when I created zone.
After this I added SSL certificate which Google provides,
after this I added several subdomains and mapped this external IP of the load balancer to those domain names in the Cloud DNS section.
But even after doing all these steps when I am trying to access my website using https it given me following error.
Following are my domain names,
Here is my frontend configuration for http(working fine) and https,
HTTP Load Balancer Frontend:
HTTPS Load Balancer Frontend:
In my domain name provider's setting I have added following nameservers,
Nameservers :
Is there any other configuration which needs to be added or changed ?
How can i setup cloud CDN? I have followed the guides.
After creating load balancer and backend service with Internet network endpoint group
Can i use mydomain.com in google cdn or I have to use cdn.mydomain.com?
As on cloudflare you can use main domain for cdn (mydomain.com) but i am not able to use in google cdn.
After creating the CDN, should i create A name ? (If i create A name - i have to delete main A name)
My server is on aws lightsail and dns is on namecheap
How can i add A name ? I am confused
Help will be appreciated.
The Domain configuration/setup has nothing to do with CDN and it is a caching service. For domain mapping, you have to use Google Cloud DNS. Similar to Cloudflare which provides DNS service, you can configure just main domain(domain.com) or also subdomain in the Google Cloud DNS [1]
If you are about to map/setup your domain in Google Cloud DNS,
i) The NS records which are created in the Google Cloud DNS once the zone is created, needs to be updated in the Namecheap site so that the connectivity between registered domain and NS in Google DNS is established.
ii) Then ‘A name’ needs to be created in Google Cloud DNS to map the domain with the external IP address of the hosting server and the same detail also needs to be updated with your domain registrar i.e., Namecheap.
iii) If you are making use of Load balancer, then make sure that A records of your domain are pointing to the IP address of your load balancer so the traffic going to your website will be rerouted to LB and checked if they are cacheable for Cloud CDN.
To make use of Google CDN, you just need to enable/disable CDN while configuring load balancer -> backend services [2] and if you are using Internet NEG, you need to map the domain name in the Create a network endpoint group page.
[1]https://cloud.google.com/dns/docs/quickstart#update_your_domain_name_servers
[2]https://cloud.google.com/cdn/docs/setting-up-cdn-with-external-origin
Regards,
Anbu.
I have set up a static website using GCP Bucket Storage and loaded SSL certificate using HTTPS Load Balancer. My DNS record is set to: CNAME pointing to to bucket with www, (c.storage.googleapis.com) and A record to the Load Balancer Proxi IP with #. When I go to the website using http protocol I get a 404.
Am I missing something?
I have tried to see if there was a way to reconfigure the DNS and the bucket but couldn't find a way.
I hope to be able to get both http and https versions to work
I am attempting to add HTTPS to my AWS Elastic Load Balancer.
I obtained a certificate through AWS Certificate Manager:
I have enabled HTTPS on the load balancer:
I made sure the security group for the load balancer accepts 0.0.0.0/0 on 443:
When going to my domain on HTTP, it works.
However, when trying to load my domain with HTTPS, it does not work ("ERR_CONNECTION_TIMED_OUT")
EDIT and UPDATE:
It is the API that I am attempting to get HTTPS working for, not necessarily the domain. The domain serve's a static file (angular web app) from S3, and it is angular that is calling the load balancer (to transfer the request to an EC2 instance) for DB data.
When angular calls the api directly via the load balancer domain name over HTTP, the request responds as expected.
When angular makes the same api call over HTTPS, I get the following error:
You enabled HTTPS for your domain name, not the ELB domain which Amazon owns. You can only create SSL certificates for domains that you own. You can't enable SSL for "mydomain.com" and then excpect that to somehow work on a completely different domain. You need to change your AngularJS code to reference the API by your custom domain name which you have created an SSL certificate for. You need to point the domain to the ELB and install the SSL certificate for the domain on the ELB.
Mark B provided the almost full solution.
As my javascript code is calling the elastic load balancer (ELB) via it's DNS name provided by AWS, I can't obtain an SSL certificate for the domain I don't own.
As Mark B pointed out, I need to point my javascript code to the domain I do own, and have an SSL cert for.
So I can create a sub domain (e.g. api.mydomain.com) of the domain I own that then points to the ELB.
An A Record (e.g domain pointing to an IP) looks like it could fit the need.
However, an A Record can't point to the ELB because it's IP could change.
The missing step was to use AWS Route 53 to point the A Record to an alias (Route 53 allows you to do this) that represented my AWS Elastic Load Balancer.