Google PubSub: SSL error when subscribing using an AppEngine push endpoint

0
votes

I created a topic which I subscribe to using a push endpoint. The endpoint is a simple AppEngine web service. The Google PubSub documentation states that endpoints must be secured by HTTPS.

I am not receiving any traffic to the push endpoint. The AppEngine web service shows no requests. I've verified through the Google PubSub dashboard that messages are being published on the topic successfully. The dashboard shows unreachable_ssl_error for push subscriptions. Why is Google PubSub reporting this error?

When I try to access the SSL AppEngine endpoint via a browser I receive an SSL cert error also. Is this normal for AppEngine sites?

1
google-app-enginegoogle-cloud-pubsub
What does the actual URL look like? Is it a versioned URL?Takashi Matsuo

1 Answers

1
votes

As documented at https://cloud.google.com/appengine/kb/general#https , SSL is supported on App Engine, but in a somewhat peculiar way.

Specifically, and I quote...:

Note: After April 2013 Google does not issue SSL certificates for double-wildcard domains hosted at appspot.com (i.e. *.*.appspot.com). If you rely on such URLs for HTTPS access to your application, change any application logic to use "-dot-" instead of ".". For example, to access version v1 of application myapp use https://v1-dot-myapp.appspot.com.

Also look at the previous paragraph at this same URL about the need for secure in app.yaml and a link to language-specific instructions on exactly how to configure things, e.g https://cloud.google.com/appengine/docs/python/config/appconfig#Python_app_yaml_Secure_URLs if you're programming in Python.