Hi Borislav, I just dealt with SSL for my site this week, so this topic is very fresh in my head...
First of all, you need to get a certificate that's at least DV level (Domain Validated). This normally involves DNS verification steps to verify you indeed own the domain. It looks like you have a self-signed certificate that didn't involve domain validation. If so, you might want to upgrade or get a new DV certificate. After that, when you upload the certificate to AppEngine, you need to make sure to upload the full certificate chain, all the way to CA root. To verify this, you can check whether the .crt file includes *multiple* BEGIN CERTIFICATE / END CERTIFICATE sections. I don't know specifically about Comodo, so I'll use my certificate from SSL.com as an example. For my domain, I get 4 crt files from SSL.com. - my_domain.crt - SSLcomDVCA_2.crt - USERTrustRSAAddTrustCA.crt - AddTrustExternalCARoot.crt I then manually concatenate them together in this specific order, by running the command of: - cat my domain.crt SSLcomDVCA_2.crt USERTrustRSAAddTrustCA.crt AddTrustExternalCARoot.crt > my_domain_chained.crt I then upload the following pair of files to AppEngine. - *my_domain_chained.crt* which has 4 BEGIN CERTIFICATE / END CERTIFICATE sections - *my_domain.key* which has only 1 BEGIN RSA PRIVATE KEY / END RSA PRIVATE KEY section Comodo probably will have a different chain, but the idea should be the same. You need to upload the chained crt, with your single key to AppEngine. Hope this helps. Good luck! On Sat, Jul 29, 2017 at 1:06 PM, Borislav Arapchev <[email protected]> wrote: > Hello > > I moved my WP site into Google Cloud Hosting. > > Its all fine now and I wanted to use SSL certificate as well. > > > The site before moving to Google had an Lets Encrypt free ssl / self > signed/ and because Google warned me its not ok now I buy a new SSL from > Comodo /Positive SSL/. > > > I installed it successfully - in SSL section, but when loading the site in > a browser is says connection is not safe. > > > SSL checkers warn me that SSL is self signed - so .. is it possible the > old SSL to be still working, instead the new one from Comodo, and how to > fix it ? > > > *Thank you so much in advance! * > > > > P.S. > > site is ... mvir-cleaning .co.uk , if you want to check . > > -- > You received this message because you are subscribed to the Google Groups > "Google App Engine" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at https://groups.google.com/group/google-appengine. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/google-appengine/799058e5-1990-41a0-8431- > 78419cbd1acf%40googlegroups.com > <https://groups.google.com/d/msgid/google-appengine/799058e5-1990-41a0-8431-78419cbd1acf%40googlegroups.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Google App Engine" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/google-appengine. To view this discussion on the web visit https://groups.google.com/d/msgid/google-appengine/CAEsP69jn9VXKJqBPR_diBtyKBUEBN1CPP9VcOu7Co7JyY45d7w%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
