I have an app in google cloud run. I have connected my domain and added the cname: ghs.googlehosted.com.
my DNS and domain service is in cloud flare.
If the SSL is Full or Full strict I am getting Error 525.
If the SSL in cloud flare is Off or Flexible I am getting ERR_TOO_MANY_REDIRECTS (I also see all the redirects in my logs).
Is it possible put google behind CF when google generates the certificate for my app (same domain)?
Thanks
EDIT
Some more information:
Google does not let me upload a certificate of my own.
Also, google enforce me to expose my app to 8080 and I think it means no-ssl in my app.
Best Answer
Edit:
Cloud run allows you to use port 80, but this depends on the container, as per my experience, when you use port 80 as HTTP server, GCP automatically redirects it into HTTPS at port 443 with a valid SSL certificate from them with HTTP code 302, but when you use a cloud run custom domain then said certificate is generated with Let's encrypt.
At this point I think this is your goal (as per your 1st edit)
If you try to use Cloudflare as proxy here, then you must use Flexible for your no-ssl port 8080 app but Full for HTTPS cloud run apps since Flexible requires the following ports to respond with non 302 HTTP codes, but if you do this with "Full" then the changes might take up to 5 hours from CloudFlare side to propagate according to this.