0

I have certificate which is Contains Private Key,Root Chain, and Format is Base64(openSSL)
My Certificate contents. (mycert.pem):

subject=CN=MainDomain.com, OU=ISD, O=GIT Inc, S=AR, C=US
issuer=CN=ABC, DC=homeoffice, DC=ABC, DC=com
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
subject=CN=-TLS-01-SHA256, DC=homeoffice, DC=ABC, DC=com
issuer=CN=ABC01-SHA256, DC=homeoffice, DC=ABC, DC=com
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
subject=CN=-TLSRoot-01-SHA256, DC=homeoffice, DC=ABC, DC=com
issuer=CN=ABC01-SHA256, DC=homeoffice, DC=ABC, DC=com
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
subject=CN=-TLSSOME-01-SHA256, DC=homeoffice, DC=ABC, DC=com
issuer=CN=ABC01-SHA256, DC=homeoffice, DC=ABC, DC=com
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
-----END RSA PRIVATE KEY-----

I need to provide these thing in the GCP load balancer side

Public key certificate (.crt file)
Certificate chain (.csr file)
Private key (.key file).

How i can generate these thing ? Can i copy paste the content directly is it is same which is provided in my pem file

John Hanley
  • 74,467
  • 6
  • 95
  • 159
Marcin_S
  • 529
  • 3
  • 14
  • 1
    You must separate and decrypt the private key into its own PEM file. The certificates, however, look like you created them using a private CA. Google HTTP load balancers require certificates signed by a public CA (examples Let's Encrypt and Comodo). You can also use Google managed SSL certificates which are free and auto renew. – John Hanley Jun 20 '21 at 17:44
  • @JohnHanley I using it for private use that is the traffic is from restricted space. – Marcin_S Jun 21 '21 at 04:28
  • 2
    Edit your question and be provide details so that comments asking are not required. Are you using an `Internal HTTP(S) Load Balancer`? If yes, you can use self-signed certificates. What problem are you having with your certificate and the load balancer? – John Hanley Jun 21 '21 at 06:30

1 Answers1

0

Yes, you can simply copy/paste your certificate content or upload it, as it's described here:

  1. Go to the Network Services> Load Balancing> Certificates tab in the Google Cloud Console.
  2. Click Create SSL certificate.
  3. Enter a name and an optional description for the certificate.
  4. Select Upload my certificate.
  5. Paste in your certificate or click Upload to navigate to your certificate file. You can choose to include the CA certificate chain in the same file as the certificate. Google Cloud does not validate the certificate chain for you – validation is your responsibility.
  6. Paste in your private key or click Upload to navigate to your private key file.
  7. Click Create.

here

If you have any other question about how to Use self-managed SSL certificates, here is the Google public documentation link:

https://cloud.google.com/load-balancing/docs/ssl-certificates/self-managed-certs#createresoure

Edd
  • 86
  • 5