From this question I learned that Google App Engine does not currently support SSL on "custom domains" (at least not as of June 2010, when that question was asked).

Does this mean if I want to host my GAE app on www.mydomain.com, I cannot use SSL?

A few days ago it comes into tests.

Priority:

It is at the top of the Features on Deck list.

http://code.google.com/appengine/docs/roadmap.html

Simultaneous serving:

A custom domain hosted app such as http://www.mydomain.com can still be accessed on its ssl appspot subdomain such as https://yourapp.appspot.com

Issue:

http://groups.google.com/group/google-appengine/browse_thread/thread/844dc97fbfc57bab/0c8651f00072f9ea?lnk=gst&q=ssl#0c8651f00072f9ea

(As the others on here have said) SSL is not currently supported for your own domain. It is aparently on it's way but has been for some time, I believe it is currently only available to a select few Google App Engine for Business customers.

The temporary solution which many (myself included) are using is to setup a reverse proxy from another hosting service (Amazon EC2 in my case) to route SSL traffic.

If your app suits the situation where your URLs are not of importance, you could setup an SSL site somewhere and access your https://xxx.appspot.com version from within an iframe

Either way until GAE offically supports SSL via your Google Apps domains, you will need an external service to workaround it.

Custom SSL is available for App Engine since 27 Jun 2012. You can setup it from your domain's control panel: https://developers.google.com/appengine/docs/ssl

All secure traffic with Google App Engine must be served from your appspot.com domain (https://your-app-id.appspot.com). If you are serving your app off of a Google Apps domain, you must direct all secure traffic through your app's appspot domain.

This is what is written in google app engine documentation. That means. SSL is supported on appspot.com domain

You can get SSL to work on your custom domain hosted on AppEngine, however you need to run a reverse proxy that can modify the host header to do so. If you want to setup a reverse proxy yourself, you can do so following these instructions:

http://radomirml.com/2011/01/30/reverse-proxy-for-gae-application-using-nginx-and-ssl

Alternatively, you can use a reverse proxy service like CloudFlare. The process of getting SSL to work with an appspot.com domain is documented on the CloudFlare Blog:

http://blog.cloudflare.com/ssl-on-custom-domains-for-appengine-and-other

You can use wwwizer.com - it is a reverse proxy service with SSL.

You get an individual IP and it is showing your app both on http and https ports. It is cheaper and easier than hosting the whole server yourself.

This is my service, so, yes, this is blatant advertising :-)

Here's a HOWTO I wrote up explaining how to do SSL on your custom domain using CloudFlare:

http://blorn.com/post/20185054195/ssl-for-your-domain-on-google-app-engine

Since Sdk 1.7.0, released at Google I/O, developers can serve their applications via HTTPS on custom domains using both SNI (Server Name Indication) and VIP (Virtual Ip) based SSL.