Google Cloud Storage (GCS) is fantastic to host static website, and I explained the procedure in my previous article.
There are two possible ways you can access GCS hosted site.
- Using Google Storage domain, for ex – storage.googleapis.com/yourdomainname
- Through custom domain
Accessing through google storage domain is by default having SSL enabled. However, when you intend to use a custom domain, then you got to find your way to configure SSL.
In another word, GCS doesn’t enable SSL on a custom domain.
There were many questions if there is a workaround to get SSL enabled on a custom domain, so it’s accessible over HTTPS.
Good news is, you can do it.
Let’s see how…
I assume you already have a site hosted in GCS and your website is accessible over HTTP. I’ve setup my lab domain (techpostal.com) to GCS.
Let’s make it accessible over HTTPS.
Using Cloudflare – FREE Solution
One of the quickest ways to implement SSL in FREE is by routing traffic through Cloudflare. Cloudflare got many advances from security and performance, and I personly use and love it.
You can get it started in FREE (yes, SSL is provided under a free plan).
- Create an account at Cloudflare
- Click “Add Site”
- Enter site name and click “Begin Scan.”
- It will take few seconds, and you will notice scan status is completed. Click continue setup
- Cloudflare will scan existing domain record and show you, so you don’t have to add them manually. If some entry is missing then add them else click Continue
- Select the plan and continue
- Change the name server of your domain to Cloudflare at your domain registrar
By changing name server, you route your website traffic to go through Cloudflare network. Once name server is updated, click continue.
- It will take some time to get the DNS updated and once done; you will notice site status becomes active.
This concludes site is ready to take full advantage of Cloudflare which includes free SSL.
By default, when you add a site to Cloudflare, it’s accessible through http://, https://, www which you may not want.
A good practice is to serve website content through one protocol only which is HTTPS in this case. To achieve that, we will setup page rules which will take of necessary redirection.
I assume you are still logged into Cloudflare
- Go to Crypto tab
- Scroll down and turn ON “Always use HTTPS.”
With above settings, all the requests with “HTTP” will be redirected to “HTTPS.”
- Next, let’s on the automatic HTTPS rewrites
- Try to access your website, and you should see it’s accessible over HTTPS.
Cloudflare solution is probably one of the easiest one in FREE.
Using Google Cloud Load Balancer
If you don’t want to use Cloudflare for some reason, you can leverage Google Cloud load balancer (LB) which allow you to terminate SSL handshake.
The following needs to be done.
- Provision Google Cloud HTTP(S) Load Balancer
- Implement SSL (refer the guide)
- Configure LB backend as a Cloud Storage Bucket
- Update Domain A record at DNS registrar to point to Google LB Front-end IP
Verify your website through https://
Google LB also give you an option to enable their CDN. So if you are ready to spend few $$, then you may explore having LB in front of cloud storage bucket to serve the static website.