I mean, having a website nowadays (even more an eCommerce website) means you have SSL/TLS certificate installed… so I would assume that if the website is already up and running then it should have a certificate installed somehow… probably if it’s a single-instance website is setup in the webserver (Apache/Nginx). That being said, I think option C is a plausible but not preferred choice.
I can see your logic there and you’re right…SSL is kind of irrelevant because you’d have SSL certs on your backend servers. I would say C (Route 53 Multi-value) is plausible from an SSL standpoint but you’d still need to maintain those certs and update them prior to expiry…maybe not too bad but something to do. I’d much rather have an auto-renewed cert from Cert Manager myself.
But, one thing to remember is that AWS exam questions always want you to use the right-sized tool for the job and nothing more. Even though both ALBs and NLBs support SSL termination and sticky sessions, an ALB is optimized for HTTP/S which is all we need in this case.
Thank you so much for the detailed answer Scott, I really appreciate it. The course is awesome, tomorrow I will take my chance at the exam and no matter the result I can definitely say that I learned a lot of the "whys" behind AWS services. Thank you again for this world-class course!