8.80: ELB - SSL Certificates
Basics
Allows traffic between the client and the LB to be encrypted in transit
SSL = Secure Sockets Layer, used to encrypt connections
TLS = Transport Layer Security, the newer version
You can manage certificates with Amazon Certificate Manager
HTTPS listener
Must specify a default listener
Must add an optional list of certs to support multiple domains
Clients can use SNI (Server Name Indication) to specify the host name they reach
SNI solves the problem of loading multiple SSL certs onto one web server (to serve multiple websites)
It is a newer protocol that requires the client to indicate the host name of the target server in the initial SSL handshake
Only works for App LB, Network LB, and CloudFront
SSL Certs
Classic LB (v1)
Only supports 1 SSL certificate
Must use multiple CLBs for multiple host names with multiple SSL certificates
App LB (v2)
Supports multiple listeners with multiple SSL certificates
Uses SNI to make it work
Network LB (v2)
Supports multiple listeners with multiple SSL certificates
Uses SNI to make it work