2개 답변
- 최신
- 최다 투표
- 가장 많은 댓글
0
If you’re referring to mutal TLS then an NLB with a TCP listener and target group of your containers. For mTLS support, create a TCP listener instead of a TLS listener. The load balancer passes the request through as is, so you can implement mTLS on the target.
0
You can consider using a TCP -> TCP listener configuration on Network Load Balancer (NLB) or Classic Load Balancer (CLB), and implement the mTLS on the target/backend. With a TCP -> TCP listener configuration, the Elastic Load Balancer is not doing anything with TLS / Layer 7, and is instead simply forwarding packets. This means that no SSL/TLS termination will be offloaded to the ELB and the SSL/TLS negotiation will occur directly between the client and backend instance.
답변함 6달 전
