All Products
Search

This Product

    ENS:Configure an HTTPS listener

    Document Center

    ENS:Configure an HTTPS listener

    Last Updated:Oct 25, 2024

    If your services need to transmit sensitive data, such as user information or identity information, or you want to improve service security, you can add an HTTPS listener to your Edge Load Balancer (ELB) instance. HTTPS listeners can forward HTTPS requests over encrypted connections.

    Prerequisites

    • An ELB instance is created. For more information, see Create an ELB instance.

    • When you configure an HTTPS listener, you need to upload a server certificate. You can use a certificate from Certificate Management Service or upload a third-party server certificate and CA certificate to Certificate Management Service. For more information, visit the Certificate Management Service product page.

    Procedure

    1. Log on to the ENS console.

    2. On the ELB Instances page, find the ELB instance that you want to manage and click Listener Configuration in the Actions column.

    3. On the Listener tab, click Add Listener.

    4. Configure the following parameters.

      Parameter

      Description

      Listener Name

      Specify a name for the listener.

      ELB Protocol

      In this example, HTTPS is selected.

      Listener Port

      Specify a listening port that is used by ELB to receive requests and forward the requests to backend servers. Valid values: 1 to 65535.

      Note

      We recommend that you use port 443 for HTTPS.

      Advanced Settings

      Note

      Click Modify to configure the advanced settings.

      Scheduling Algorithm

      • Weighted Round-Robin (WRR): Backend servers that have higher weights receive more requests than backend servers that have lower weights.

      • Weighted Least Connections (WLC): Requests are distributed based on the combination of the weights and active connections of backend servers. If multiple backend servers have the same weight, requests are forwarded to the backend server that has the least number of connections.

      • Round-Robin (RR): Requests are distributed to backend servers in sequence.

      Idle Connection Timeout Period

      If no request is received within the specified timeout period, ELB closes the connection. When a request is received, ELB establishes a new connection.

      Connection Request Timeout Period

      If the backend server does not respond within the timeout period, ELB returns the HTTP 504 error code to the client.

      Obtain Client IP Address

      Specify whether to preserve the IP addresses of clients. Only Layer 4 listeners support this feature. By default, this feature is enabled.

    5. Click Next, and configure health checks. For more information, see Configure health checks.

      Note

      If you set the ELB Protocol parameter to HTTPS, make sure that you have uploaded a server certificate on the health check page.

    6. After you configure health checks, click Next. Confirm the settings and click Create.

    7. On the Listener tab, find the listener that you want to enable and click Enable in the Actions column.