Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
646 views
in Technique[技术] by (71.8m points)

https - Use Google managed ssl certificate with dockerized uwsgi app

I am using Terraform to deploy the infrastructure for my app. One of the modules is this: https://github.com/terraform-google-modules/terraform-google-lb-http to create a Load Balancer with a registered domain and everything.

My app works perfect in HTTP mode, but once I want to use SSL, TF creates the certificates on GCP and redirects all traffic to HTTPS.

The problem is that the app is not responding and getting 503 all the time with the error malformed HTTP request

I guess I have to run uwsgi inside the container in HTTPS mode but for that I need the certificate and private key files to be available locally inside the container.

According to GCP support, right now we cannot download these files.

Is there any solution or workaround that I can do?

question from:https://stackoverflow.com/questions/65915265/use-google-managed-ssl-certificate-with-dockerized-uwsgi-app

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

As commented by John, if you want to configure your application for HTTPS traffic using a Google Cloud External HTTP/S Load Balancer, you can keep the backend using HTTP meanwhile the external clients can still connect using HTTPS to the Load Balancer Frontend.

This would look something like this:

Client --- (HTTPS) ---> Load Balancer --- (HTTP) ---> Backend

If you want to also encrypt the private traffic from the Load Balancer to your docker application, you will need to use your own self signed certificate on the application itself.


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

2.1m questions

2.1m answers

60 comments

57.0k users

...