Serving Google Cloud Storage Content through Custom Domain over SSL

You may be using cloud storage for serving either dynamic and static content of your website or only static content such as images, videos, etc. In both cases, serving content from GCS over https is very important to secure your website.

If you have a website with dynamic content served from one platform like Google Appengine and static content served from cloud storage, implementing SSL on the platform which serves your dynamic content is not enough, you need to configure SSL for your domain or sub domain on cloud storage to make your website secure.

In this tutorial, you can learn how to implement SSL for your custom domain which points to cloud storage.

First make sure that you have a cloud storage bucket with content, then you need to Logon to cloud console and go to load balancing page by clicking network service and load balancing links in the left navigation.

google cloud console load balancing

On the load balancing page, click Create load balancer button.

google cloud load balancing

Then click Start configuration button in the https load balancing section shown below.

google cloud load balancing configure https load balancing

In the next screen, enter load balancer configuration name, click backend configuration and in the right pane, click backend buckets drop down and then click Create backend bucket.

google cloud https load balancer

On the create backed bucket screen, enter backend bucket name, select cloud storage bucket which contains your web application static content, check enable cloud CDN and click create button. This will take you back to New https load balancer screen.

google cloud https create backend bucket

After backend configuration is done, click frontend configuration on New https load balancer screen. You don’t need to configure host and path rules if you don’t have different hosts and buckets.

In the frontend configuration form, enter name, select https for protocol field, select create IP address for IP address field which takes you to Reserve a new static IP address form where you need to enter name and click reserve, now the reserved IP will be displayed in IP address field and select create new certificate for certificate field to get below form.

google cloud https load balancer

Enter certificate name, select create Google managed certificate option, enter domain or sub domain which you want to be pointed to cloud storage bucket and click done.

google cloud https load balancer create frontend configuration

Then submit the configuration by clicking create button on New https load balancer screen. After this, you will see the configured load balancer on load balancers screen. You can click it to view the load balancer details.

load balancer for cloud storage with https custom domain

Lastly, you need to update DNS record for the domain or sub domain that needs to be pointing to cloud storage bucket. To do that, you need to logon to your domain provider website which allows you to manage DNS for your domain and add A record to map your domain or sub domain to the IP address which was created while configuring load balancer on google cloud console. You can get the IP by clicking the load balancer on the load balancer screen of cloud console.

cloud storage with https custom domain