Sunday, October 31, 2010

Amazon Elastic Load Balancing support for HTTPS

Amazon Elastic Load Balancing (ELB) adds HTTPS support wherein we can supply the SSL certificate to the AWS account and configure the ELB with the certificate. Lets us see how this feature can help the admins:
SSL Certificate Management in Amazon EC2: Customers can manage their certificates on Amazon Elastic Load balancing level instead of the Amazon EC2 instance level. This avoids bundling instances to S3 AMIs and relaunching them when certificates are to be renewed. This saves a whole lot of effort for the Sys Admins , specifically when using Amazon Auto Scaling for our web layer installed with SSL certificates.
Solves Windows SSL problem for S3 backed AMIs: when a SSL certificate is installed on IIS on Windows 2003/2008 EC2 instance and it is bundled-launched from S3 backed AMIs , the certificate will not function properly. This is because of the SysPrep phase which happens during the bundle-launch actions of S3 backed AMIs for EC2 windows. Infra Admins who encounter this problem could avoid this problem altogether and keep their certificates in Amazon ELB and solve this problem.  
Note: This problem could be solved using Boot from EBS option, but still some enterprise customers find it difficult to introduce Boot from EBS in their production systems and had developed their custom scripts to solve this problem. This Amazon ELB SSL feature will be of good help to them.
Offloading SSL decryption Traffic: Amazon ELB will do the decryption SSL/TLS traffic in its servers and offloads this activity from our Application EC2 instances.
For more information about Amazon Elastic Load balancing refer

No comments:

Need Consulting help ?


Email *

Message *

All posts, comments, views expressed in this blog are my own and does not represent the positions or views of my past, present or future employers. The intention of this blog is to share my experience and views. Content is subject to change without any notice. While I would do my best to quote the original author or copyright owners wherever I reference them, if you find any of the content / images violating copyright, please let me know and I will act upon it immediately. Lastly, I encourage you to share the content of this blog in general with other online communities for non-commercial and educational purposes.