请问HN:如何设置Cloudflare DNS代理和GCP负载均衡器以支持HTTPS?
我通过HTTPS使用签名的谷歌证书,将Cloudflare DNS代理连接到我的GCP负载均衡器API端点。负载均衡器有一个防火墙规则,仅允许Cloudflare的IP进行连接。为了更新谷歌证书,我每三个月需要禁用防火墙规则并关闭DNS代理。这是一个手动过程,降低了我的安全性。<p>有没有更好的解决方案?
查看原文
I have Cloudflare DNS Proxy connect to my GCP load balancer API endpoint via HTTPS with a signed google certificate. The load balancer has a firewall rule allowing only Cloudflare IPs to connect. Once every 3 months in order to update the google certificate I need to disable the firewall rule and turn off the DNS proxy. A manual process that lowers my security.<p>Is there a better approach to this?