http://code.google.com/appengine/docs/java/config/webxml.html#Secure_URLs says that

http://code.google.com/appengine/docs/java/config/webxml.html#Secure_URLs说

 <ssl-enabled>true</ssl-enabled>

can be set in your appengine-web.xml file with *.appspot.com subdommains. Google had a typo in their opening tag on that page, just FYI. For Google Apps you can't use HTTPS at all, but for appspot you can.

可以使用* .appspot.com子域名在appengine-web.xml文件中设置。谷歌在该页面上的开头标签上有一个拼写错误,仅供参考。对于Google Apps,您根本无法使用HTTPS,但对于appspot,您可以使用HTTPS。

As far as using your own cert, you can't! For appspot, Google's cert is not signed for your web-app's specific domain so it will cause a browser pop-up, but if accepted the page will load.

至于使用自己的证书,你不能!对于appspot,Google的证书未针对您的网络应用的特定域进行签名,因此会导致浏览器弹出,但如果接受,则会加载该页面。

As of today, App Engine supports SSL on your own domain. See: https://developers.google.com/appengine/docs/ssl

截至今天,App Engine在您自己的域上支持SSL。请参阅:https://developers.google.com/appengine/docs/ssl

Note that there are two options. The more expensive (VIP - $99 per month) will work with all browsers, whereas the cheaper (SNI - $9 per month) doesn't work on some variations. See here: http://en.wikipedia.org/wiki/Server_Name_Indication#Support

请注意,有两个选项。更贵(VIP - 每月99美元)适用于所有浏览器,而更便宜(SNI - 每月9美元)不适用于某些变化。请参见:http://en.wikipedia.org/wiki/Server_Name_Indication#Support

You can also use e.g. Cloudflare.com to front your app and provide SSL. Currently this is HTTPS to Cloudflare and then normal HTTP to App Engine. This will protect from any drive-by hacks but would be possible to intercept should an attacker somehow get between CF and GAE. This technique is described here: http://blorn.com/post/20185054195/ssl-for-your-domain-on-google-app-engine

您也可以使用例如Cloudflare.com为您的应用提供支持并提供SSL。目前,这是HTTPS到Cloudflare,然后是普通的HTTP到App Engine。这将防止任何偷渡式黑客攻击,但如果攻击者以某种方式介入CF和GAE之间,则可以拦截。此处描述了此技术:http://blorn.com/post/20185054195/ssl-for-your-domain-on-google-app-engine