1 Answer
- Newest
- Most votes
- Most comments
1
I haven't tested this but looking at this blog here - https://aws.amazon.com/blogs/aws/mutual-authentication-for-application-load-balancer-to-reliably-verify-certificate-based-client-identities/ - your use case is not supported. Your options are mTLS passthrough where the mTLS auth is happening between origin and client or "verify with trust store" where the mTLS happens between Client and ALB. I don't see any way to configure it to do TLS to ALB and mTLS from ALB to origin.
Given this is a newly supported feature, I would not be surprised to see additional releases in future which may then cover your use case but for now the mTLS options on ALB won't work for your quoted use case.
answered 5 months ago
Relevant content
- Accepted Answerasked a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 10 months ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 20 days ago