https - Use Google managed ssl certificate with dockerized uwsgi app

Question

I am using Terraform to deploy the infrastructure for my app. One of the modules is this: https://github.com/terraform-google-modules/terraform-google-lb-http to create a Load Balancer with a registered domain and everything.

My app works perfect in HTTP mode, but once I want to use SSL, TF creates the certificates on GCP and redirects all traffic to HTTPS.

The problem is that the app is not responding and getting 503 all the time with the error malformed HTTP request

I guess I have to run uwsgi inside the container in HTTPS mode but for that I need the certificate and private key files to be available locally inside the container.

According to GCP support, right now we cannot download these files.

Is there any solution or workaround that I can do?

question from:https://stackoverflow.com/questions/65915265/use-google-managed-ssl-certificate-with-dockerized-uwsgi-app

Answer 1

As commented by John, if you want to configure your application for HTTPS traffic using a Google Cloud External HTTP/S Load Balancer, you can keep the backend using HTTP meanwhile the external clients can still connect using HTTPS to the Load Balancer Frontend.

This would look something like this:

Client --- (HTTPS) ---> Load Balancer --- (HTTP) ---> Backend

If you want to also encrypt the private traffic from the Load Balancer to your docker application, you will need to use your own self signed certificate on the application itself.