Update Google Cloud Load Balancer SSL Cert
Well it is three months since I stated blogging again, and guess what? Time to update the SSL Certificate. Like many other sites chrislovecnm.com is using a free SSL Certificate issued by letsencypt. You have to renew these certificates every three months.
This site is hosted on Google Cloud, and uses a load balancer configured to talk to a bucket. The ssl certificate is attached to the https proxy on the load balancer.
Here are the steps that I followed:
- execute
sudo certbot certonly --manual -d yoursite.com,www.yoursite.com
- followed the instructions and upload the web pages
- moved the certs to where they are readable, as certbot makes the read only
- created a new cert in gcloud
gcloud compute ssl-certificates create my-cert-name --certificate cert.pem --private-key privkey.pem
- configured the load balancer to use the new cert
I could have done gcloud compute target-https-proxies update my-https-proxy
--ssl-certificate mynewcert
, but I already had the console open.
Now I am waiting for caching to see if the cert updated correctly. Fingers crossed :)