Deployment overview

This page describes the steps for deploying a certificate with Certificate Manager. For more information on the Certificate Manager entities mentioned on this page, see How Certificate Manager works.

To deploy a certificate, you must complete the following steps:

  1. Optional: If you want to use a Google-managed certificate with DNS authorization, configure a DNS authorization for this certificate.
  2. Create a Google-managed certificate (recommended) or upload a self-managed certificate.
  3. Configure a certificate map for this certificate:
    1. Create a certificate map.
    2. Add the certificate map entries for hostnames that require this certificate.
    3. Optional: Add a certificate map entry for the primary certificate to use when the load balancer cannot find a certificate specific to the requested hostname in this certificate map.
  4. Verify that the certificate and its corresponding certificate map entry are active. If you are using a Google-managed certificate with load balancer authorization, the certificate only becomes active after you complete the following step and the certificate completes provisioning.
  5. Attach the certificate map to the desired target proxy in your load balancer configuration.

What's next