TLS 1.3 support for NLB

1

I am trying to configure my ALB to allow TLS 1.3. I read in the article that this feature is available with the security policy in bold below:

https://aws.amazon.com/about-aws/whats-new/2021/10/aws-network-load-balancer-supports-tls-1-3/

Elastic Load Balancing provides the following security policies for Network Load Balancers:

ELBSecurityPolicy-TLS13-1-2-2021-06
ELBSecurityPolicy-TLS13-1-2-Res-2021-06
etc
etc

The newest security policy I am offered is "ELBSecurityPolicy-FS-1-2-Res-2020-10"

I may be missing a key concept with load balancers and Listener security policies and would appreciate any help. It's an Application Load Balancer, HTTPS/443 chosen as the only listener.

2 Answers
1
Accepted Answer

The announcement you've linked to is for Network Load Balancer; you're using Application Load Balancer which is why you're not seeing the TLS 1.3 security policies.

EXPERT
answered 6 months ago
  • Thank you, that's the part I missed. I hope they will implement 1.3 soon on ALB because auditors look to have 1.2 and 1.3 available and nothing below 1.2.

  • Is there any update on TLS 1.3 support for the ALB?

0

Really wish there was some communications or ETA for TLS 1.3 support by AELB, when both NLB and CloudFront support it. Seems a bit lame that AELB does not.

Most SSL scanning tools are already beginning to mark TLS 1.2 as less than desirable.

answered 4 months ago
  • Please get in touch with your local AWS Solutions Architect; they can discuss this with you further.
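
One way to check a listener you operate against the requirement mentioned in the comments above (TLS 1.2 and 1.3 available, nothing below 1.2). This is an added example, not part of the original thread; the function names and the sample result are constructed for illustration.

```python
import socket
import ssl
import sys

# Protocol versions to probe, oldest first.
VERSIONS = {
    "TLSv1.0": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}

def accepts(host, port, version, timeout=5.0):
    """True if the listener completes a handshake pinned to exactly `version`."""
    try:
        ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
        ctx.check_hostname = False       # protocol support is under test,
        ctx.verify_mode = ssl.CERT_NONE  # not the certificate chain
        ctx.minimum_version = version
        ctx.maximum_version = version
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.version() is not None
    except (ssl.SSLError, OSError, ValueError):
        # Also reached when the local OpenSSL build will not offer TLS 1.0/1.1,
        # so confirm a "refused" legacy result with a second scanner.
        return False

def probe(host, port=443):
    """Map each version name to whether the listener accepted it."""
    return {name: accepts(host, port, v) for name, v in VERSIONS.items()}

def audit(results):
    """Findings against: TLS 1.2 and 1.3 offered, nothing below 1.2."""
    findings = [f"{v} accepted" for v in ("TLSv1.0", "TLSv1.1") if results.get(v)]
    findings += [f"{v} not offered" for v in ("TLSv1.2", "TLSv1.3") if not results.get(v)]
    return findings

# Constructed result for a listener whose newest policy stops at TLS 1.2.
SAMPLE_TLS12_ONLY = {"TLSv1.0": False, "TLSv1.1": False, "TLSv1.2": True, "TLSv1.3": False}

if __name__ == "__main__":
    # With a hostname argument, probe that listener; otherwise use the sample.
    results = probe(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE_TLS12_ONLY
    for name, ok in results.items():
        print(f"{name}: {'accepted' if ok else 'refused'}")
    for finding in audit(results):
        print("FINDING:", finding)
```

Run it with the load balancer's DNS name as the only argument; without an argument it reports on the constructed sample.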
