Amazon AWS - EC2 - Load Balancer (ELM) & SSL Questions

0
votes

Background:

  • I had 1 instance created for EC2
  • I had my domain pointing to this instance
  • I had SSL installed for this instance (things were running great)
  • Furthermore:
  • I opted to create a second instance (using custom AMI from first instance)
  • I create a load balancer (things were working great -- from what i can tell...)

Question:

Why do I need to install the SSL certificate on the load balancer when it seems to have already been working?

1
sslamazon-ec2

1 Answers

1
votes

I would presume when you say load balancer, you are refering to AWS ELB. If this is no the case, then disregard my answer.

Well the Best practice is to install SSL certs on load balancer and do the SSL termination there. Let the load balacner do SSL encryption/decryption so that your web server can do what they do the BEST...serving hte web pages.

Why do I need to install the SSL certificate on the load balancer

Now, technically You set is fine and you don't have to install SSL on load balancer. But then you have to use TCP Load Balancing feature of AWS ELB where in ELB will simply accespt traffic on 443 and will forward it to Web servers on 443. And then let your web servers do the SSL work.

I think this what you are looking for.