How can I configure a load balancer to support HTTPS requests, so that I can use an SSL/TLS certificate?

If you don't have a certificate issued for your domain name, you can request a public certificate using AWS Certificate Manager (ACM). To use a third-party certificate with a load balancer, you can either import the certificate to ACM or import the certificate to AWS Identity and Access Management (IAM).

The following imported key algorithms can be used with a load balancer:

| Algorithm | ACM (Preferred) | IAM |
|---|---|---|
| 1024-bit RSA (RSA_1024) | Yes | Yes |
| 2048-bit RSA (RSA_2048) | Yes | Yes |
| RSA (up to 16384 bits) | | Yes |
| Elliptic Curve (ECDSA) | | Yes |

Note: ACM certificates must be requested or imported in the same AWS Region as your Classic Load Balancer or Application Load Balancer.
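The table and the Region note above can be turned into a pre-flight check that runs before a certificate is attached to a listener. The following is an added example, not AWS code: the function names `parse_arn` and `check_certificate` are hypothetical, the ARNs and account ID are constructed, and the algorithm limits are copied from the table on this page as published.

```python
# Added example: pre-flight check for pairing a certificate with a load balancer.
# Key-algorithm limits mirror the table on this page; all ARNs used are constructed.
ACM_IMPORT_RSA_BITS = {1024, 2048}   # RSA_1024, RSA_2048
IAM_MAX_RSA_BITS = 16384             # "RSA (up to 16384 bits)"


def parse_arn(arn):
    """Split an ARN into its service, Region and resource fields."""
    parts = arn.split(":", 5)
    if len(parts) != 6 or parts[0] != "arn":
        raise ValueError(f"not an ARN: {arn!r}")
    return {"service": parts[2], "region": parts[3], "resource": parts[5]}


def check_certificate(cert_arn, lb_arn, key_type, key_bits=None):
    """Return a list of problems; an empty list means the pairing passes."""
    cert, lb = parse_arn(cert_arn), parse_arn(lb_arn)
    problems = []
    if lb["service"] != "elasticloadbalancing":
        problems.append("second ARN is not a load balancer")
    if cert["service"] == "acm":
        # ACM certificates are regional: compare with the load balancer's Region.
        if cert["region"] != lb["region"]:
            problems.append(
                f"Region mismatch: certificate in {cert['region']}, "
                f"load balancer in {lb['region']}")
        if key_type != "RSA" or key_bits not in ACM_IMPORT_RSA_BITS:
            problems.append("key algorithm not listed for ACM import")
    elif cert["service"] == "iam" and cert["resource"].startswith("server-certificate/"):
        # IAM server certificates carry no Region in their ARN, so nothing to compare.
        if key_type == "RSA":
            if key_bits is None or key_bits > IAM_MAX_RSA_BITS:
                problems.append("RSA key size missing or above 16384 bits")
        elif key_type != "ECDSA":
            problems.append("key algorithm not listed for IAM import")
    else:
        problems.append("certificate is neither ACM nor an IAM server certificate")
    return problems


if __name__ == "__main__":
    lb = "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/app/example/0123456789abcdef"
    acm = "arn:aws:acm:us-west-2:123456789012:certificate/00000000-0000-0000-0000-000000000000"
    for problem in check_certificate(acm, lb, "RSA", 2048):
        print(problem)
```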

You can configure load balancers to use the SSL/TLS protocol for encrypted connections between the load balancer and clients that initiate HTTPS sessions.

To install an SSL certificate on the load balancer, see the following steps based on the type of load balancer you're using:

Application Load Balancers support multiple SSL/TLS certificates using Server Name Indication (SNI).

If you request a public certificate from ACM or import a certificate into ACM, ACM does not export private keys for ACM-issued public certificates. You can use ACM certificates with services that are integrated with AWS Certificate Manager. You cannot directly install certificates on Amazon Elastic Compute Cloud (Amazon EC2) websites or applications, but you can use the certificate with a load balancer and register the EC2 instance behind the load balancer.



Published: 2018-05-21