This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

ssl on gke gcp

Posted on 12-05-2023 06:17 AM
vijay-33567
Bronze 2
Bronze 2
Reply posted on --/--/---- --:-- AM

Hi,

i have deployed monolithic application in gcp through gitlab ci/cd. Under the cluster i am running two applications as workload, both accessible with http. Now i want to change it https, so i tried by creating the ingress. 

My wildcard ssl certificate is with godaddy, i use that certificate in onprem also. When i downloaded certificate file from godaddy it has got 3 files 1 certificate, 1 bundle , 1 pem  and pvt key was in cpanel(it has many pvt keys i dont know which one since it is managed my different person). So when upload .pem and one of the pvt key in gcp certificate manager it got stored without error. But when i try to use the same in ingress setup ,ingress got created but it showed error as "Error 400: The SSL certificate and key do not match., sslCertificateKeyAndCertMismatch" . And if i try upload as secret through cloud sdk i got "error: tls: private key does not match public key". 

How to resolve this ,online i dont find any end to end procedure from godaddy to gke. If anyone has any document or procedure pls share.

"Pls respond as soon as possible, my deadline is nearing".

Thanks in advance,

 

0 3 717
Topic Labels
0 Likes
3 REPLIES 3

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
Reply posted on --/--/---- --:-- AM

Hi @vijay-33567 ,

Based on the information that you provided, you can try combining the certificate and bundle using this command below. You can do this using a text editor.

cat certificate.crt bundle.crt > combined.crt

 Regarding this part that you have mentioned, 

@vijay-33567 wrote:

And if i try upload as secret through cloud sdk i got "error: tls: private key does not match public key". 

Try uploading it directly using this command :

kubectl create secret tls my-tls-secret --cert=certificate.pem --key=privatekey.pem

 

0 Likes

Posted on --/--/---- --:-- AM
Marvin_Lucero
Staff
In response to Marvin_Lucero
Reply posted on --/--/---- --:-- AM

In addition, you can try debugging and check the secrets and certificates using the command below:

kubectl get secrets
kubectl describe secret my-tls-secret

 

0 Likes

Posted on --/--/---- --:-- AM
vijay-33567
Bronze 2
Bronze 2
In response to Marvin_Lucero
Reply posted on --/--/---- --:-- AM

Hi @Marvin_Lucero ,thanks for the reply

I need a help regarding kubernetes deployment issue. I deployed my application in gke with application load balancer with service and ingress yaml defined , even http frontend is not working. ingress is showing backend is unhealthy (network endpoint group).I stuck in this issue for 2 weeks. I Tried with documentation and videos but i couldn't able to find the issue. So i need your help by connecting a call. Could you please?

Thank you,

0 Likes
Top Labels in this Space
Top Solution Authors
View all