Ssl

#aws #asg #ssl

SSL allows traffic between client and server to be encrypted. SSL is Secure Socker Layer, TLS is Transport Layer Security and it is the newest version.

Public SSL certificated are generated by CA (Certificate Authorities) like GoDaddy, Digicert, Comodo, etc, …

Load Balancer specifications

• Using X509 certificates
• Can manage and upload cert by using ACM.

SSL SNI Server name indication

SNI will help to solve multiple SSL certificate onto one web server (to serve multiple website).

It is newer protocol and it requires the client to detect the hostname of the target server in the inital SSL handshake. Then the server will find the correct cert or return the default one.

It only works for ALB/NLB, not work for CLB