/ System Administration

Amazon Elastic Load Balancer and SSL

If you configure the SSL certificate directly on Amazon’s Elastic Load Balancer (ELB) you save yourself some work since you do not have to configure the certificate on every single EC2 instance. Switching your system from SSL enabled Apache vhosts to ELB is easy:

  1. Log into the AWS Console, click on Load Balancers and click on Create Load Balancer.

  2. Make up a name for the Load Balancer, select HTTPS as Load Balancer Protocol, 443 as Load Balancer Port and 80 as Instance Port. Then click save. The Load Balancer will  forward all HTTPS traffic to the standard Apache HTTP port, you do not need to configure SSL on the instance any more.

  3. The wording on the next screen might sound a bit strange… It asks you for a Certificate Name, you can just make one up again. The Private Key (SSLCertificateKeyFile in the Apache configuration) is the key you used to create the certificate signing request, the Public Key Certificate (SSLCertificateFile in Apache) is the certificate you received from the provider, the Certificate Chain (SSLCertificateChainFile in Apache) is the intermediate certificate. In case of multiple intermediate certificates paste them all below each other into the field.

4. When it asks you to configure SSL ciphers for the HTTPS/SSL listeners of your Load Balancer continue with the default ELBSample-ELBDefaultNegotiationPolicy

  1. Lastly specify a file on your webserver that Amazon can check periodically for availability.

  2. Add the EC2 instances that should be part of the cluster. All instances must be in the same region (e.g. EU – Ireland) but they can be in different zones (eu-west-1a, eu-west-1b or eu-west-1c)

  3. Review the settings and click on Create to start the load balancer

What if you have more domains and need multiple SSL certificates? You cannot add more than one certificate per Elastic Load Balancer but you can create another Load Balancer with the same servers but another certificate. It will cost a bit more but work great.

[![](/content/images/2012/11/Amazon-ELB-300x205.png "Amazon Elastic Load Balancer (ELB)")](/content/images/2012/11/Amazon-ELB.png)
A screenshot of the Elastic Load Balancer setup wizard.
Amazon Elastic Load Balancer and SSL
Share this