Apply a new SSL certificate without removing the original one in the GCP Load balancer - MRLIVING/Becca GitHub Wiki

GCP load balancer allows us to apply for a new SSL certification and use the old one simultaneously.

In this practice, we apply a new Google-managed SSL certificate for the domain hoogahome.com while the original one is not expired.

Follows the steps below to set up the certificates.

1. Network services > Load balancing > click and enter the target Load balancer details > EDIT a Load balancer.

   Note that the load balancer should be settled down for the target domain already (check reference).

2. Frontend configuration > Protocol HTTPS, ... > Certificates > CREATE A NEW CERTIFICATE

3. Create Google-managed certificate

   Note that the Domain and IP mapping should be specified in the DNS via the DNS vendor console, e.g., GoDaddy, in advance.

   Notes.

   The Health checks must be passed during Google-managed certificate acquisition.
   See/Set Probe IP ranges and firewall rules to satisfy the health check.

4. Thus, there are 2 certificates, i.e., new and old, in the load balancer.

Reference

• Using Google-managed SSL certificates