GCP quickstart - https

We have successfully implemented Snowplow on GCP, following the quick-start guide provided in the documentation. Initial tests using curl to send requests directly to the collector’s IP address over HTTP are successful, returning a 200 status code:
curl -i http:///com.snowplowanalytics.snowplow/tp2

However, when we configure Google Tag Manager (GTM) to send events to the collector, we encounter issues because GTM is attempting to send events over HTTPS, not HTTP.

To further investigate, we tried accessing the collector over HTTPS using curl, which resulted in the following SSL handshake error:
curl -i https:///com.snowplowanalytics.snowplow/tp2
curl: (35) error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure

It appears there’s an SSL configuration issue, but I’m unsure how to resolve it without affecting the current Snowplow installation. Could anyone provide information or guidance on how to configure the Snowplow collector to accept HTTPS connections from GTM?

Thank you in advance

Hi @talazriel by default there is no HTTPS setup as that would involve setting DNS records and generating certificates which we cannot automate from a generic open-source setup!

To get HTTPS working you will need to:

  1. Create an A record for a domain you own pointing to the IP Address of the Load Balancer you have created (e.g. c.acme.com)
  2. Generate and link in a valid GCP Certificate here: quickstart-examples/terraform/gcp/pipeline/default/terraform.tfvars at main · snowplow/quickstart-examples · GitHub

The ID you need can be fetched from a google_compute_ssl_certificate resource like so:

resource "google_compute_ssl_certificate" "default" {
  name        = "my-certificate"
  private_key = file("path/to/private.key")
  certificate = file("path/to/certificate.crt")
}

certificate_id = google_compute_ssl_certificate.default.id

If you don’t already have a certificate you can upload then the alternative option is to use a Google Managed Certificate as documented here: Terraform Registry

Hope this helps!

1 Like

For future reference we have also added HTTPS guidance to our docs now: Quick start guide | Snowplow Documentation

1 Like

Thank you very much Josh, for the quick reply and for updating the documentation.

1 Like