Announcing public availability of Google Cloud Certificate Manager
Product Manager, Core Security
Product Manager, Google Cloud
Today we are pleased to announce that Cloud Certificate Manager is now in general availability. Cloud Certificate Manager enables our users to acquire, manage, and deploy public Transport Layer Security (TLS) certificates at scale for use with your Google Cloud workloads. TLS certificates are required to secure browser connections and transactions.
Cloud Certificate Manager supports both self-managed and Google-managed certificates, as well as wildcard certificates, and has monitoring capabilities to alert for expiring certificates.
Scale to support as many domains as you need
Since our public preview announcement supporting the SaaS use cases, we have scaled the solution to serve millions of managed domains. Alon Kochba, head of web performance at Wix, shared how Certificate Manager’s scale and performance helped them lighten their workload.
“As a SaaS product, we need to terminate SSL for millions of custom domains and certificates. Google Cloud's Certificate Manager and External HTTPS Load Balancing lets us do this at the edge, close to the clients, without having to deploy our own custom solution for terminating SSL,” Kochba said.
Streamline your migrations
You can now deploy a new certificate globally in minutes and greatly simplify and accelerate the deployment of TLS for SaaS offerings. Coupled with support for DNS Authorizations, you can now streamline your workload migrations without major disruptions. James Hartig, co-founder of GetAdmiral.com, shared this with Google after the migration experience.
“I just wanted to say thank you so much for the release of Certificate Manager and its support for SaaS use cases. We just completed our migration to using Google to terminate TLS and everything went really smoothly and we couldn't be happier.”
Automate with Kubernetes & self-service ACME certificate enrollment
We have further introduced a number of automation and observability features including:
Kubernetes integration in public preview with Cloud Certificate Manager
Self-service ACME certificate enrollment, now in public preview
The ability to track Certificate Manager usage in the billing dashboard
We also have started work on incorporating Terraform automation with Cloud Certificate Manager, which will simplify your workload automation.
During the certificate manager private preview of the ACME certificate enrollment capability, our users have acquired millions of certificates for their self-managed TLS deployments. Each of these certificates comes from Google Trust Services, which means our users get the same TLS device compatibility and scalability we demand for our own services. Our Cloud users get this benefit even when they manage the certificate and private key themselves–all for free.
We look forward to you using Certificate Manager and these new capabilities to improve the reliability of your services and help encourage further adoption of TLS.
How Google Cloud blocked the largest Layer 7 DDoS attack at 46 million rps
By anticipating a DDOS attack, a Google Cloud customer was able to stop it before it took down their site. They just weren’t expecting it to be the biggest known Layer 7 DDOS attack so far, at 46 million rps.
By Emil Kiner • 4-minute read