Help Center> Elastic Load Balance> FAQ> HTTP/HTTPS Listeners> Which Protocol Should I Select for the Backend Server Group When Adding an HTTPS Listener?
Which Protocol Should I Select for the Backend Server Group When Adding an HTTPS Listener?
Each load balancer establishes a three-way handshake with the client and communicates with backend servers using HTTP. In addition, SSL offloading is performed on the load balancer. If you want to add an HTTPS listener, select HTTP for the backend server group.
If you do not want load balancers to decrypt HTTPS requests, configure a TCP listener with the same port number to transmit HTTPS traffic to backend servers. In addition, configure an inbound security group rule with the protocol set to TCP and the port number set to the same used by the HTTPS listener to allow traffic from the load balancer.
The following figure shows how a TCP listener passes HTTPS traffic to backend servers over port 443 without decryption.
Figure 1 HTTPS traffic transparently transmitted through TCP
Parent topic: HTTP/HTTPS Listeners
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.