0

I am trying to map a Namecheap domain to my cloud run instance running in us-east1. However after setting up my DNS for both "www" and base domain, I run into the following page when navigating to my custom url:

enter image description here

According to Cloud Run docs domains are automatically provisioned an SSL certificate within 24 hours however I am still running into the same issue after this time period.

Looks like my home wifi network is block the request because the custom domain poses a spam risk. Is there a way to avoid this?

cormacncheese
  • 1,251
  • 1
  • 13
  • 27
  • An `ERR_CONNECTION_RESET` error can originate from multiple sources. You should first discard the reasons shown [here](https://support.google.com/chrome/answer/95669). Can you also confirm if you have already [validated ownership](https://cloud.google.com/run/docs/mapping-custom-domains#map) of the domain? – ErnestoC Jan 17 '22 at 19:14
  • @ErnestoContrerasPinon yes, I have check all the possibilities in the first link and have verified I own the domain (including my service keys) – cormacncheese Jan 19 '22 at 17:42
  • 1
    Something to note is that Cloud Run Domain mappings are in [preview phase](https://cloud.google.com/run/docs/mapping-custom-domains#run). This means that this option can still have issues to resolve. Since you mention that your house network blocks the connection due to a missing SSL certificate, it could be some internal error when assigning the SSL certificates. There is another [thread](https://stackoverflow.com/a/58526972/16929894) in which a workaround is to remap your service to a domain (which might need to be done several times). – ErnestoC Jan 19 '22 at 23:57
  • @ErnestoContrerasPinon ok will check this out, thank you! – cormacncheese Jan 20 '22 at 00:55
  • 1
    You would not receive a **Connection Reset** error for a certificate problem. Your Cloud Run service has a different issue, such as the wrong DNS settings (the client is connecting to the wrong host). Use the CLI tool **curl** with the debug flag **-v** to debug the connection. Post the details in your question. – John Hanley Feb 01 '22 at 07:05

1 Answers1

1

In my case, some ISPs were blocking off the SSL Cert created by default by simply mapping a custom domain name using your Cloud DNS to the services running in Cloud Run.

In my investigation. https://website.com was blocked by some ISPs, whilst https://www.website.com worked fine, and I had to include an nginx conf to redirect all website.com requests to www.website.com. However, I still didn't feel this was the perfect solution.

After a couple of trials and errors, I had to create a load balancer that allows the creation of a new Google Managed SSL (or yours too) and mapped that to the Cloud Run service directly.

Steps are well documented here https://cloud.google.com/run/docs/multiple-regions

And https://towardsdatascience.com/how-to-set-up-a-custom-domain-for-different-gcp-applications-using-a-load-balancer-bbcad40fed

Hope this helps someone else.

Opemipo Bolaji
  • 161
  • 1
  • 3
  • 16