I want to enable https listener for my ELB. All my instances are launched by auto-scaling one master instance.
Normally if we are not under an ELB, an nginx server block would be listening to 80 with no ssl_certificate entries, or listening to port 443 ssl with ssl_certificates.
Going over AWS documentation, it doesn't not answer me the following questions:
1) By default, when HTTPS is selected as a load balancer protocol, the instance protocol would be HTTP. Why is that? Don't we need to secure the connection between the ELB and instances?
2) I already have multiple certificates. Wildcard ones and ones for single subdomains, as well as self-signed certificates. How do I move them to the three blocks which AWS allows me to edit (Private Key, Public Key Certificate and Certificate Chain).
3) Next, do I remove the SSL configuration in my server blocks if the instance protocol is going to be HTTP? Should it listen to port 80?
Aucun commentaire:
Enregistrer un commentaire