So here are steps. Maybe they prove helpful for someone else. :)
- First create a CSR (certificate signing request). Since I already had one for creating the certificate in the first place I reused it. Fire up Google if you need to know how it is done.
- Log into your GoDaddy account and follow the steps for the renewal.
- Be sure to select deployment on an external server! Otherwise GoDaddy uses it for there hosted products and you can't download it.
- Download the certificate. It is a zip containing 2 files. Your certifcate and the certificate chain (something like gd_bundle-g2-g1.crt)
- Now here comes the most important part. The Google Management console always complaint that I need to upload the private key and the crt in unencrypted pem/x509 format. You have to combine the two files via
- cat YOUR_CERT.crt GODADDY_CERT_CHAIN.crt > your-crt-combined.pem
- After that upload this file together with your private key and you're good to go.
One last note: The SSL configuration doesn't take place in AppEngine settings but inside your Google Apps account.
If you landed here from a google search while dealing tying to setup your GoDaddy cert on AppEngine and having an issue with Android and GoDaddy's intermediate cert chains, I figured out the solution and documented here: http://www.blainegarrett.com/2017/06/26/how-to-get-appengine-godaddy-android-to-actually-work/
AntwortenLöschenLong story short, you must PEM format the individual .crt files from GoDaddy prior to concating in step 5 above. Pulled my hair out trying to figure this out.