Custom Certificates
You can upload a custom certificate that you have issued from a third-party certificate authority to the Secret Manager. To do this, you need:
- the primary certificate for the domain;
- private key;
- optional: one or more intermediate certificates. Intermediate certificates bind the final TLS certificate to the root certificate authority, it is used by the browser to verify the authenticity of the issued TLS certificate;
- optional: root certificate — part of the key that certificate authorities use to sign a TLS certificate. May be required when using self-signed certificates.
Add a custom certificate
Control panel
Terraform
-
A user certificate is valid only if project to which it has been added. Make sure that you are in the right project. To do this, open the project menu (name of the current project) and select the project.
-
In control panel go to Cloud platform → The manager of secrets.
-
Click Add a certificate.
-
Select User certificate.
-
Enter the name of the certificate.
-
Insert the master certificate for the domain. It must begin with
-----BEGIN CERTIFICATE-----
and end-----END CERTIFICATE-----
. -
Insert the private key. It must begin with
-----BEGIN PRIVATE KEY-----
and end-----END PRIVATE KEY-----
. -
Optional: To add an intermediate certificate, check the checkbox Add an intermediate certificate and in the field Intermediate certificate insert the certificate. It must begin with
-----BEGIN CERTIFICATE-----
and end-----END CERTIFICATE-----
.If you need to add multiple intermediate certificates, make sure that all certificates (primary certificate for the domain, intermediate certificates, and root certificate) create a complete chain. Value
Issuer
of the main certificate must match the value of theSubject
of the first intermediate certificate, the value ofIssuer
of the first intermediate certificate withSubject
the second intermediate and so on.Intermediate certificates can be added in the field Intermediate certificate in any order, it's important to use the full chain.
-
Optional: to add a root certificate, check the check box Add root certificate and in the field Root certificate insert the certificate. It must begin with
-----BEGIN CERTIFICATE-----
and end-----END CERTIFICATE-----
. -
Click Add.
Use the instructions Add a certificate in the Terraform documentation.
Update the user certificate
-
In control panel go to Cloud platform → The manager of secrets.
-
Open the tab Certificates.
-
On the menu. of the certificate, select Update.
-
Insert the master certificate for the domain. It must begin with
-----BEGIN CERTIFICATE-----
and end-----END CERTIFICATE-----
. -
Insert the private key. It must begin with
-----BEGIN PRIVATE KEY-----
and end-----END PRIVATE KEY-----
. -
Optional: To add an intermediate certificate, check the checkbox Add an intermediate certificate and in the field Intermediate certificate insert the certificate. It must begin with
-----BEGIN CERTIFICATE-----
and end-----END CERTIFICATE-----
.If you need to add multiple intermediate certificates, make sure that all certificates (primary certificate for the domain, intermediate certificates, and root certificate) create a complete chain. Value
Issuer
of the main certificate must match the value of theSubject
of the first intermediate certificate, the value ofIssuer
of the first intermediate certificate withSubject
the second intermediate and so on.Intermediate certificates can be added in the field Intermediate certificate in any order, it's important to use the full chain.
-
Optional: to add a root certificate, check the check box Add root certificate and in the field Root certificate insert the certificate. It must begin with
-----BEGIN CERTIFICATE-----
and end-----END CERTIFICATE-----
. -
Click Update.