Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.

Issue when provisioning SSL certificate with cloud run service default domain

I have a cloud run services using an Assigned by Cloud Run URL.
I tried to setup an SSL certificate with Assigned by Cloud Run URL, to integrate with LB, but the cert status is  FAILED_NOT_VISIBLE after provision

duy_tran_0100_0-1729053318721.png

Following this document, I need to set up A record, but I can't find it in Assigned by Cloud Run URL
https://cloud.google.com/load-balancing/docs/ssl-certificates/troubleshooting?_gl=1*184mivn*_ga*Mjkx...

How can i create SSL cert with Assigned by Cloud Run URL?
Thanks in advance.

Solved Solved
1 2 308
1 ACCEPTED SOLUTION

Hi @duy_tran_0100 ,

Welcome to Google Cloud Community!

You can not set up an SSL certificate with a URL assigned by Cloud Run to integrate with a load balancer. But here is a workaround to integrate a load balancer that utilizes a serverless NEG backend to route requests to your Cloud Run service.

To generate an SSL certificate  resource, you can choose between a Google-managed or a self-managed certificate. If you opt for a Google-managed certificate, you must have a domain, and its A record needs to point to the IP address of your load balancer. To set this up, create an A record for each domain through your domain registration service, ensuring that all A records direct traffic to the same load balancer IP address.

I hope the above information is helpful.

 

View solution in original post

2 REPLIES 2

Hi @duy_tran_0100 ,

Welcome to Google Cloud Community!

You can not set up an SSL certificate with a URL assigned by Cloud Run to integrate with a load balancer. But here is a workaround to integrate a load balancer that utilizes a serverless NEG backend to route requests to your Cloud Run service.

To generate an SSL certificate  resource, you can choose between a Google-managed or a self-managed certificate. If you opt for a Google-managed certificate, you must have a domain, and its A record needs to point to the IP address of your load balancer. To set this up, create an A record for each domain through your domain registration service, ensuring that all A records direct traffic to the same load balancer IP address.

I hope the above information is helpful.

 

Thank you so much for your reply,
My client have setup a custom domain to solve this problem.