Skip to main content

GCP load-balancer ssl certificate resets itself after change [Resolved]

So I need to change an expired SSL certificate. Unfortunately, the one responsible for this task has passed away suddenly. I have no experience with google cloud, kuberneted or ingress.

If I go to the google cloud console, to load balancers and click on the only one shown, it shows the certificate named "k8s-ssl-xyz" which is the expired one I need to change. I tried editing this load balancer, under frontend-settings and creating a new certificate. That worked, but after a few minutes it reverts itself back to the old certificate.

Under kubernetes engine, services and ingress there is a service called "basic-ingress4". It's yaml file contains a line stating: k8s-ssl-xyz

I tried changing "k8s-ssl-xyz" to the name of the certificate I created earlier, but it also gets reversed to the old one after a while.

gcloud beta compute ssl-certificates list


k8s-ssl-xyz                  2019-10-01          2019-08-15
newcert         MANAGED     2019-09-30          2019-12-29        ACTIVE ACTIVE

I also tried

gcloud compute target-https-proxies update k8s-tps-xyz --ssl-certificates newcert

And it returned "Updated [...]" but it didn't work either.

Basically, I am lost here. How can I change this certificate without it resetting itself?

Question Credit: Dawg
Question Reference
Asked October 4, 2019
Posted Under: Network
1 Answers

Your Answer