Setup SSL Certificate for Website on Google Cloud Platform

This guide provides step by step instructions that will help you to install the auto-renewing Let’s Encrypt SSL Certificate using automated client Certbot for your site hosted on GCP.

Make sure that you have:
∘ A running VM instance with the Apache server on Ubuntu 20.04 installed.
∘ Your domain name set up with your Google Cloud instance.
∘ A website that works over an HTTP connection. (URL of the website begins with “http://”. If you change it to “https://” it will not load the page).

Log into your Google Cloud Console and select
Compute Engine > VM Instances
On your VM instance click SSH to open the terminal.

First, the Certbot needs snapd installed. But If you’re running Ubuntu 16.04 or later, you don’t need to do anything. Snap is already installed and ready to go.
You can check it is installed by attempting to run snap version on the command line:

snap version

Ensure that the latest essential release of a snap is installed and tracked for updates.

sudo snap install core; sudo snap refresh core

Now, install Certbot, executing the command

sudo snap install --classic certbot

Then create the symbolic link to the Certbot directory

sudo ln -s /snap/bin/certbot /usr/bin/certbot

Next, launch the Certbot to generate an SSL Certificate for your website

sudo certbot --apache

Provide an email address (optional), that Let’s Encrypt automatically send you expiry notices when your certificate is coming up for renewal. If the certificate is already renewed, they won’t send an expiry notice.

Providing your email can be useful in case you get any issue with your running certificate in the future.

Agree with the Terms of Service by entering Y.

Enter Y if you are willing to share your email in order to get news from Let’s Encrypt project. Otherwise, enter N.

Type your domain with both naked domain name and www sub. If you have a subdomain enter it also.

Let Certbot edit your Apache configuration automatically.

Choose a vhost with enabled HTTPS typing its number

All done!
Now you have enabled the SSL certificate provided by Let’s Encrypt with automatic renewal by cron job systemd timer.

By default, the crontab attempts to renew the certificate twice a day, but renewal will only occur if expiration is within 30 days.
You may change the periodicity in the tasks file running by Cron, a time-based scheduling service.

sudo nano /etc/cron.d/certbot 
This part of the code specifies command execution (the other part of the code)for every other 12 hours every day.

For example, the code * 4 1.15 * * will run on every first and 15th day every month at 4:00 am. More about scheduling tasks in a crontab file see the documentation here.

Simulate automatic renewal

sudo certbot renew --dry-run
The simulation allows you to get things right before real renewal certificates and reduce the chance of your running up against rate limits.

Verify that Certbot works by typing in your browser’s address bar “https://” at the beginning of the website’s address.

--

--

--

Lead Web Developer at Vue Health. Husband of a wonderful wife, Entrepreneur, Dad

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

The hands-on guide for a lightweight Debian Linux install (update)

Difference between Test Scenario and Test Case

Day 7: Delta Hack Invite

How to develop ROS applications with NixOS

Package your front-end application into a docker image and deploy it to the server?

Alvin’s Dew Drop Daily — Issue #34

Google Cloud Code: Using Remote Docker Registry and Kubernetes Cluster

No/Low Code Abstraction and Programming

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Max Shestov

Max Shestov

Lead Web Developer at Vue Health. Husband of a wonderful wife, Entrepreneur, Dad

More from Medium

Learn How To Get the File name and File ID From Google Drive In Apps Script

Google Apps Script — Getting File Name And Id From Google Drive Files

Building AWS Amplify app on a GoDaddy domain

How to create documents from Google Spreadsheet data using Google Apps Script

Machine Learning for free using Amazon SageMaker Studio Lab

sign up page