0

Google's "Setting Up HTTP(S) Load Balancing" page says in English:

Sessions between the load balancer and the instance can either be HTTPS or HTTP. If you use HTTPS, each instance in the backend services must have an SSL certificate.

... and in German:

Die Client-SSL-Sitzung wird beim Lastenausgleichsmodul beendet. Sitzungen zwischen dem Lastenausgleichsmodul und der Instanz können entweder HTTPS- (empfohlen) oder HTTP-Sitzungen sein. Handelt es sich um HTTPS, muss jede Instanz in den Back-End-Diensten ein SSL-Zertifikat haben.

In contrast to the English version, the German webpage recommends the use of HTTPS by the backend.

If I am not mistaken, HTTP/2 is not supported on the backend side by the load balancer (…the web servers always see and respond to HTTP/1.1 requests… (source: above linked English webpage)). I have only one server in the internal network. Should I use HTTPS anyway, and why?

duxsco
  • 331
  • 2
  • 17
  • I will be opening a request with the documentation team to clarify the reason both articles differs. My thoughts are that the [advantages and disadvantages](https://blog.nexcess.net/2014/09/03/the-pros-and-cons-of-implementing-ssl-https/) will depend on your network architecture design. If your backend is isolated in one network which does not have VPN connections or other servers might be better to go with a [simple HTTP implementation](https://stackoverflow.com/questions/2746047/why-not-use-https-for-everything). – Carlos Jun 25 '18 at 16:57
  • In regards to the protocol communication used with the backend you are right. [It is documented that HTTP/1.1](https://cloud.google.com/compute/docs/load-balancing/http/) is used between the LB and the backend. – Carlos Jun 25 '18 at 19:55

0 Answers0