Certified Security - Specialty

Sign Up Free or Log In to participate!

Why would you attach a certificate to the load balancer?

Is this for the situation where you dont have a certificate associated with the domain so when users access the site and hit the load balancer, it will encrypt that traffic and show as safe?

Is this the opposite of terminating SSL at the ALB level?

thank you so much!

2 Answers

The reason you add an SSL cert to your Load Balancers is so that it can support secure traffic (ie HTTPS instead of just regular HTTP). This also unloads some work from your application server as it doesn’t have to perform that overhead work.

Tom Townsend

You will also need this to be able configure http to https redirects

SSL certificate contains a public and private key pairs that you can encrypt/decrypt traffic. If you want to terminate your SSL connection at your load balancer, then you have to associate a SSL certificate with your LB. If you’re using layer 4 load balancer such as CLB with TCP listener, you can offload the SSL termination to the backend servers so you don’t have to associate a SSL certificate with your LB.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?