Custom SSL Cert

[grant]

Summary

Provide an option for a developer to bring your own SSL key/cert:

• FUNCTION_SSL_KEY: string – Path to your key.pem file. i.e. keys/agent2-key.pem
• FUNCTION_SSL_CERT: string – Path to your cert.pem file. i.e. keys/agent2-cert.pem

Examples

What we'd do in the Function Frameworks (very roughly):

Go:

    srv := &http.Server{
        Addr:         ":443",
        Handler:      mux,
        TLSConfig:    cfg,
        TLSNextProto: make(map[string]func(*http.Server, *tls.Conn, http.Handler), 0),
    }
    log.Fatal(srv.ListenAndServeTLS(os.Getenv("FUNCTION_SSL_KEY"), os.Getenv("FUNCTION_SSL_CERT")))

Node:

const options = {
  key: fs.readFileSync(process.env.FUNCTION_SSL_KEY),
  cert: fs.readFileSync(process.env.FUNCTION_SSL_CERT)
};

https.createServer(options, (req, res) => {
  res.writeHead(200);
  res.end('hello world\n');
}).listen(8000);

Reported issues

• Node: https://github.com/GoogleCloudPlatform/functions-framework-nodejs/issues/66

[grant]

WDYT @juliehockett?

[grant]

There are workarounds, like proxying your container with a SSL cert handler. Given that and the number of requests for this feature, closing.