If you connect the AWS Global Accelerator to an Application Load Balancer, and then the Load Balancer to an Instance, where in the chain is the HTTPS request terminated and replaced with a plain HTTP request? Do I need certificates at the Global Accelerator Level and the Load Balancer (because HTTPS is only terminated at the Load Balancer), or is HTTPS terminated at the AWS Global Accelerator?
Asked
Active
Viewed 3,241 times
6
-
Global Accelerator is a network layer service. You'd perform TLS termination on either the ALB/ELB or on the EC2 instance. – jarmod Aug 04 '20 at 01:13
1 Answers
8
the TCP connection is terminated at the AWS edge by AWS Global Accelerator (see blog post), while the HTTPS connection is terminated on the load balancer in the AWS Region. So you need certificates only at the load balancer level.
Marco Cagna
- 306
- 2
- 4