我们加密的Google App Engine SSL无法插入 [英] Google App Engine SSL with Let's Encrypt "could not be inserted"
问题描述
当使用App Engine的设置选项卡尝试添加新的SSL证书时,我们通过Google App Engine的控制台加密生成一个对话框错误,并对POST请求进行了400次响应。
When trying to "Add a new SSL certificate" using App Engine's Settings tab that was generated with Let's Encrypt via Google App Engine's console results in a dialog error and a 400 response to the POST request.
错误
提供的SSL证书无法插入。
Error
"The SSL certificate provided could not be inserted."
以前生成的(约2个月前) - 当然还没有过期)SSL密钥/证书通过完全相同的方法插入很好 - 但任何新生成的不会。我尝试传统的让我们加密和相对较新的Certbot方法。还尝试了多个子域名,裸域名,单个域名,并且每个都会导致相同的错误。
A previously generated (about 2 months ago - not yet expired of course) SSL key/certificate via the exact same method is inserted just fine - but any newly generated one does not. I attempted both traditional Let's Encrypt and the relatively new Certbot method. Also tried multiple subdomains, naked domains, singular domains and each results in the same error.
我看过几个人规定--rsa-key-size 2048解决同样的问题,但我已经尝试指定了(尽管它是Certbot的默认值)。其他答案已经等待了2个小时,现在正在工作 - 寻找一个真正的解决方案,因为不可靠的插入和过期的证书可以成为一个真正的痛苦。
I've seen several people spec that --rsa-key-size 2048 solved the same issue, but I've tried specifying that as well (even though it is the default for Certbot as is). Other answers have been "waiting 2 hours and now its working" - looking for a real solution as unreliable inserts and expired certs can become a real pain.
推荐答案
我遇到类似的问题,以及几个星期前,尝试使用我以前成功使用的相同配方上传我的新证书。
I ran into similar problems as well a few weeks ago when trying to upload my new certificate using the same recipe I successfully used before.
什么工作对我来说最后是:
What worked for me in the end was:
- 将证书文件的全部内容复制到标有
或将公钥证书粘贴在下面的框中:
- copy-pasting the entire content of the certificate file into the box marked
Or paste the public key certificate in the box below:
和
- 将我的私人密钥
.pem
文件末尾的完整密钥复制到标有或者将RSA私钥粘贴到下面的框中:
(尽管如果我包含了领先的----BEGIN RSA私钥, -----
和tailing----- END RSA PRIVATE KEY -----
lines or not)。
- copy-pasting just the full key at the end of my private key
.pem
file into the box markedOr paste the RSA private key in the box below:
(though I don't exactly recall if I included the leading-----BEGIN RSA PRIVATE KEY-----
and tailing-----END RSA PRIVATE KEY-----
lines or not).
我(盲目地)对每个2份复制粘贴操作进行了多次尝试,无论跨越我的想法 - 成功/失败的反馈是即时的。
I (kinda blindly) made several attempts for each of the 2 copy-paste operations with whatever crossed my mind - the success/failure feedback is immediate.
侧记 - 你可能还要仔细检查你的证书,在我的情况下,我成功上传的第一个证书文件是一个不完整的(缺少中间实体),这似乎在我的桌面上工作正常,但是从Android浏览失败,我不得不重新生成另一个。我使用 digicert 来确认问题并验证第二个证书(以下来自SO答案的建议,当然;)
Side note - you may want to also double-check your certificate, in my case the 1st certificate file I managed to upload successfully was an incomplete one (missing intermediate entities), which appeared to be working fine from my desktop, but was failing when browsing from Android, I had to re-generate another one. I used digicert to confirm the problem and verify the 2nd certificate (following suggestions from an SO answer, of course ;)
这篇关于我们加密的Google App Engine SSL无法插入的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!