Setting up SSL for Google Cloud Storage static website?

Yes!

Using GCS directly via CNAME redirects only allows HTTP traffic.

To use HTTPS with your own domain, you'll need to set up Google Cloud Load Balancer, and optionally you'll want to set up Google Cloud CDN as well. While it adds a bit of complexity, Google Cloud Load Balancer allows you to fill a domain with all sorts of content. Some resources could be served by a GCS bucket, but you could also have servers in GCE serving dynamic content for other paths.

There are instructions for setting this up here: https://cloud.google.com/compute/docs/load-balancing/http/using-http-lb-with-cloud-storage.


As of April 2019: https://cloud.google.com/storage/docs/troubleshooting#https

HTTPS serving Issue: I want my content served through HTTPS.

Solution: While you can serve your content through HTTPS using direct URIs such as https://storage.googleapis.com/my-bucket/my-object, when hosting a static website using a CNAME redirect, Cloud Storage only supports HTTP. To serve your content through a custom domain over SSL, set up a load balancer, use a third-party Content Delivery Network with Cloud Storage, or serve your static website content from Firebase Hosting instead of Cloud Storage.

Pretty shocking in this day and age that with letsEncrypt everywhere they have not figured out how to do this.


An alternative would be to host your domain DNS server at CloudFlare. They give free HTTPS to HTTP service.


More Info:

  • https://www.cloudflare.com/ssl/
  • Adding HTTPS For Free With CloudFlare