This topic describes how to configure HTTPS for Application Load Balancer (ALB ) to achieve encrypted communication.

Scenarios

As a large number of enterprises migrate their services to the cloud, high security of cloud services is demanded, especially by governments and financial enterprises. To ensure service security, more and more enterprises require encryption for both frontend communication and backend communication. This requires ALB to ensure communication security when clients send requests to ALB and when ALB forwards requests to backend servers.

ALB supports HTTPS encryption to ensure communication security when clients send requests to ALB and when ALB forwards requests to backend servers.

HTTPS encryption

Configure HTTPS

  1. Log on to the ALB console.
  2. In the top navigation bar, select the region where the ALB instance is deployed.
  3. In the left-side navigation pane, choose ALB > Server Groups.
  4. Set the following parameters and click Create.
    • VPC: Select the virtual private cloud (VPC) to which the ALB instance belongs.
    • Backend Server Protocol: Select HTTPS.
    • For more information about the parameters, see Create a server group in Manage server groups.
  5. In the Server group created dialog box, click Add Backend Server. On the Server Groups page, find the server group that you created and click Modify Backend Server in the Actions column.
  6. On the Backend Servers tab, click Add Backend Server.
  7. In the Add Backend Server panel, specify the type of backend server, select the backend server that you want to add, and then click Next.
  8. Set the server port to 443, set the weight, and then click OK.
  9. For more information about how to create HTTPS listeners, see Add an HTTPS listener.
    Note In the Select Server Group wizard, select the server group that you created.