[Optional] Create Managed SSL Certificates for GCP
Establish secure access to the DuploCloud portal with regional or global SSL certificates for GCP
If you have your own certificate and you followed the step Certificate for Load Balancer then you can skip this.
SSL certificates secure connections between clients and servers or Load Balancers by encrypting information sent over the network using Transport Layer Security (TLS). GCP users have two options to configure SSL certificates: Compute Engine SSL certificates resource (compute engine certificates) and Certificate Manager (certificate maps). For more information, see the Google Cloud documentation about the different ways to configure SSL certificates in GCP and when to use Certificate Manager.
Although DuploCloud supports both certificate configuration methods, we recommend avoiding using compute engine certificates, if possible. This is because compute engine certificates can't be validated until they're attached to a Load Balancer, which can make it hard to manage uptime. In contrast, certificate maps can be validated in advance, circumventing potential downtime.
Creating a certificate map using Certificate Manager
Create a DNS authorization resource using the following command where YOUR_DOMAIN is your domain URL and MAP_NAME is your certificate name (a unique name you choose for your certificate map).
Manually create the DNS records shown in the output of the
list
command. You'll usually do this in the certificate's domain zone in the Cloud DNS service for the same project, but it depends on how you set up DNS.Create the certificate:
Create the certificate map and its entries:
Add the certificate map in the DuploCloud Plan. Navigate to Administrator -> Plans. Select the Certificates tab and click Add. The Add a Certificate pane displays.
In the Name field, create a name for the certificate (the name is arbitrary as it is only a display name to be used within DuploCloud).
In the GCP Certificate Type list box, select the certificate type. The certificate type must match the certificate entered in the
gcloud certificate-manager maps entries create
command.In the GCP Certificate Map field, enter the name of your map (in this example, MAP_NAME). Click Create.
Now you can use your certificate with your DuploCloud Services.
Last updated