This article is mostly inspired from existing sources on the interwebs   but tries to simplify the process by making it environment independent.
Let’s Encrypt is a great, free [put here other great words] certificate authority. But as you already have heard of them, you are probably wondering on how to actually take advantage of this, especially if you are using Google App Engine (GAE).
Generating a new certificate
The examples are from an Ubuntu Linix machine. Probably it will work on OS X, not sure about Windows. :-/
$ git clone https://github.com/letsencrypt/letsencrypt $ cd letsencrypt $ ./letsencrypt-auto –help
Next you will be presented with a simple graphical interface where you can specify for which domains you need SSL certificates.
$ sudo ./letsencrypt-auto -a manual certonly
The last step before the SSL certificate is issues, is verifying that you actually own the domain.
DO NOT PRESS ENTER until you can actually check the expected response from you server.
Now here is the difference from other tutorials: most of them will make you upload a script for this. From what I have observed, a simple plain-text file will do just fine.
Create a text file and put there the expected response. I have used:
Configure a new handler in you app.yaml file:
handlers: # Modify the URL below as instructed - url: “/.well-known/acme-challenge/fVQqgmgRqBXe8CU_4NY8Sih28HVV3Gb9-Fx5p45ELIk” static_files: _letsencrypt/acme.txt upload: _letsencrypt/acme.txt
Upload a new version of your app to GAE and make sure it serves the expected URL.
Can you see it? Than you can press ENTER and start the verification. If it succeeds, the certificate will be generated.
If it fails, you need to figure out what you did wrong and start the whole process again.
Using the generated certificate
Now go to the Google Cloud Platform and open your project.
On the left menu, click Settings and after you will see a tab SSL Certificates.
Click “Upload a new certificate” and a form will open.
For the first text field (public certificate), you will need to run the following command from your console and copy the output. Replace example.com with your domain name.
$ sudo less /etc/letsencrypt/live/example.com/fullchain.pem
Same for your private key. Replace example.com with your domain name.
$ sudo openssl rsa -inform pem -in /etc/letsencrypt/live/example.com/privkey.pem -outform pem | less
Upload the certificate.
Test your website.
Remember to note when it expires.
Something wrong with this tutorial? Just drop a comment below. Thanks!
 http://blog.seafuj.com/lets-encrypt-on-google-app-engine  http://igorartamonov.com/2015/12/lets-encrypt-ssl-google-appengine/