


 Resolution
-----------



Although only the client can initiate a session resumption, either side can initiate session renegotiation. Support of SSL/TLS renegotiation varies by load balancer type:


* **Classic Load Balancers**support secure client-initiated renegotiations for incoming SSL/TLS client connections. Classic Load Balancers also support server-initiated renegotiation for the backend SSL/TLS connection. **Note:**If you need to disable client-initiated renegotiations for incoming SSL/TLS connections, you can [migrate to an Application Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/userguide/migrate-to-application-load-balancer.html) where these renegotiations aren't supported.
* **Application Load Balancers**don't support SSL/TLS renegotiation for client or target connections.
* **Network Load Balancers**don't support SSL/TLS renegotiation.


All load balancers support session resumption. However, only Network Load Balancers support resuming an SSL session that was originally negotiated with a different IP associated with the same load balancer.  
 





---




 Related Information
--------------------



[Update the SSL Negotiation Configuration of Your Classic Load Balancer](https://docs.aws.amazon.com/elasticloadbalancing/latest/classic/ssl-config-update.html)  
 







How can I determine if my load balancer supports Secure Sockets Layer/Transport Layer Security (SSL/TLS) renegotiation?

Determine if a Load Balancer Supports SSL/TLS Renegotiation

How can I determine if my load balancer supports SSL/TLS renegotiation?

How can I determine if my load balancer supports SSL/TLS renegotiation?

Resolution

Related Information

Relevanter Inhalt