Hi,
I created my certificates like so:
$ openssl req -new -newkey rsa:2048 -nodes -keyout my-domain.key -out my-domain.csr
$ openssl x509 -req -days 365 -in my-domain.csr -signkey my-domain.key -out my-domain.crt
I then dockerized, then deployed to Google Compute Engine, but, I am still getting this net::ERR_CERT_INVALID
while requesting my API from a ReactJs App (Google Chrome)
So I understood than using let’s encrypt could solve my problem, however, I can’t find the way to achieve it (or maybe i am just lost)
I bought a domain “xyz.fr” and from OVH (my provider), i made a AAAA relation between the IP of my backend and “api.xyz.fr” (which points to XX.XXX.XXX.XX:443 where my API listens)
My domain is:
My web server is developed in Go and runs (dockerized) on a Google Compute Engine:
// RunAsRESTAPI runs the API as REST API
func (api *API) RunAsRESTAPI(restAddr string) error {
// Generate a `Certificate` struct
cert, err := tls.LoadX509KeyPair( ".certificates/my-domain.crt", ".certificates/my-domain.key" )
if err != nil {
return errors.New(fmt.Sprintf("couldn't load the X509 certificates: %v\n", err))
}
// create a custom server with `TLSConfig`
restAPI := &http.Server{
Addr: restAddr,
Handler: nil, // use `http.DefaultServeMux`
TLSConfig: &tls.Config{
Certificates: []tls.Certificate{ cert },
},
}
// Defining the routes
routes := map[string]func(http.ResponseWriter, *http.Request){
"": api.handleIndex,
}
// Initialize mux
mux := http.NewServeMux()
// Register endpoints handlers
for route, function := range routes {
endpoint := "/" + route
mux.HandleFunc(endpoint, function)
log.Printf("[%s] endpoint registered.\n", endpoint)
}
// cors.Default() setup the middleware with default options being
// all origins accepted with simple methods (GET, POST). See
// documentation below for more options.
restAPI.Handler = cors.Default().Handler(mux)
log.Printf("REST TLS Listening on %s\n", restAddr)
return restAPI.ListenAndServeTLS("", "")
}
If I listen on 80 using HTTP, it works like a charm.
If I listen on 443 using HTTPS, it works only from Postman
My hosting provider, if applicable, is:
Google Cloud Platform
I can login to a root shell on my machine (yes or no, or I don’t know): Yes I think so, at least I can SSH into it
I’m using a control panel to manage my site (no, or provide the name and version of the control panel): I think I can do both, quite new to compute engine on google!
Thanks!