By using AWS re:Post, you agree to the Terms of Use

TLS 1.3 support for NLB


I am trying to configure my ALB to allow TLS 1.3. I read the article that this feature is available with the security policy in bold below:

Elastic Load Balancing provides the following security policies for Network Load Balancers:


The newest security policy I am offered is "ELBSecurityPolicy-FS-1-2-Res-2020-10"

I may be missing a key concept with load balancers and Listener security policies and would appreciate any help. It's an Application Load Balancer, HTTPS/443 chosen as the only listener.

2 Answers
Accepted Answer

The announcement you've linked to is for Network Load Balancer; you're using Application Load Balancer which is why you're not seeing the TLS 1.3 security policies.

profile picture
answered 6 months ago
  • Thank you, that's the part I missed. I hope they will implement 1.3 soon on ALB because auditors look to have 1.2 and 1.3 available and nothing below 1.2.

  • Is there any update on TLS 1.3 support for the ALB?


Really wish there was some communications or ETA for TLS 1.3 support by AELB, when both NLB and CloudFront support it. Seems a bit lame that AELB does not.

Most SSL scanning tools are already beginning to mark TLS 1.2 as less than desirable.

answered 4 months ago
  • Please get in touch with your local AWS Solutions Architect; they can discuss this with you further.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions