I'm currently inside the 30-day free trial for Google Apps for business (billing set up, so will start non-free trial soon). I'm attempting to set up SSL for a custom domain for a Google App Engine app, but am a bit of a noob at this stuff and the files I've accumulated aren't accepted by the Apps submission form.
我目前在30天免费试用谷歌应用程序的业务(账单设置,所以即将开始非免费试用)。我正在尝试为谷歌应用程序引擎应用建立一个自定义域的SSL,但是在这个东西上我有点不懂,而且我积累的文件不被应用程序提交表单接受。
I went through the following process:
我经历了以下过程:
openssl req -out CSR.csr -new -newkey rsa:2048 -nodes -keyout privateKey.key
openssl点播两级CSR。csr -new -newkey rsa:2048 -node -keyout privateKey.key。
After filling in the cert. request information (with name www.mydomain.com), I had the two files CSR.csr and privateKey.key.
在填写cert. request信息(名称为www.mydomain.com)后,我有两个文件CSR。企业社会责任和privateKey.key。
I used an SSL provider CheapSSLs.com to provide me with a certificate off this CSR.csr, and they've responded with a cert www_mydomain_com.crt.
我使用一个SSL提供商CheapSSLs.com为我提供了这个CSR的证书。csr,他们用cert www_mydomain_com.crt作为回应。
However, on going through Google Apps Dashboard -> Security -> SSL for Custom Domains and uploading www_mydomain_com.crt and privateKey.key I'm given the error:
然而,通过谷歌应用程序Dashboard ->安全-> SSL的自定义域和上传www_mydomain_com。crt和privateKey。关键是我犯了错误:
Both the private key and SSL certificate should be in unencrypted PEM format.
私钥和SSL证书都应该是未加密的PEM格式。
Any help? As far as I can tell, they are in that format: the private Key looks like:
任何帮助吗?据我所知,它们的格式是这样的:私钥看起来是这样的:
-----BEGIN PRIVATE KEY-----
MIIEv...
...
...CftTU=
-----END PRIVATE KEY-----
and the .crt file looks like:
这个。crt文件是这样的:
-----BEGIN CERTIFICATE-----
MIIFy...
...
...WJjk=
-----END CERTIFICATE-----
2 个解决方案
#1
57
This was answered by a friendly member of the community and then immediately deleted (not sure why...) but not before I spotted his answer and used it, to great effect :)
这是一个友好的社区成员的回答,然后立即删除(不确定为什么…)但在我发现他的答案并使用它之前,效果很好:)
openssl rsa -in privateKey.key -text > private.pem
openssl x509 -inform PEM -in www_mydomain_com.crt > public.pem
The above two commands produce private.pem and public.pem, which are accepted fine by Google Apps dashboard.
上述两个命令生成私有。pem和公众。pem,被谷歌应用程序仪表板接受。
Thank you!
谢谢你!
#2
11
For me, it was because my private.key was in the wrong format.
对我来说,这是因为我的隐私。关键是错误的格式。
If your key starts with ---BEGIN PRIVATE KEY--- then you need to convert it to an RSA key.
如果您的键从---开始私钥---然后您需要将其转换为RSA密钥。
openssl rsa -in private.key -out private_rsa.key
Then you should see ---BEGIN RSA PRIVATE KEY--- at the beginning of the private_rsa.key which you use with GAE.
然后您应该看到---开始RSA私钥---在private_rsa的开头。与GAE一起使用的密钥。
#1
57
This was answered by a friendly member of the community and then immediately deleted (not sure why...) but not before I spotted his answer and used it, to great effect :)
这是一个友好的社区成员的回答,然后立即删除(不确定为什么…)但在我发现他的答案并使用它之前,效果很好:)
openssl rsa -in privateKey.key -text > private.pem
openssl x509 -inform PEM -in www_mydomain_com.crt > public.pem
The above two commands produce private.pem and public.pem, which are accepted fine by Google Apps dashboard.
上述两个命令生成私有。pem和公众。pem,被谷歌应用程序仪表板接受。
Thank you!
谢谢你!
#2
11
For me, it was because my private.key was in the wrong format.
对我来说,这是因为我的隐私。关键是错误的格式。
If your key starts with ---BEGIN PRIVATE KEY--- then you need to convert it to an RSA key.
如果您的键从---开始私钥---然后您需要将其转换为RSA密钥。
openssl rsa -in private.key -out private_rsa.key
Then you should see ---BEGIN RSA PRIVATE KEY--- at the beginning of the private_rsa.key which you use with GAE.
然后您应该看到---开始RSA私钥---在private_rsa的开头。与GAE一起使用的密钥。