检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Server Certificate The existing server certificate Specifies the certificate that will be used by the backend server for SSL handshake negotiation to authenticate clients and ensure encrypted transmission.
Custom TLS security policies HTTPS encryption is commonly used for applications that require encrypted data transmission. ELB allows you to use common TLS security policies to secure data transmission.
Adding a TLS Listener Scenarios If you require ultra-high performance and large-scale TLS offloading, you can add a TLS listener to forward encrypted TCP requests from clients. TLS is available in certain regions. You can see which regions support TLS on the console.
Load balancing at Layer 7 provides some advanced features such as encrypted transmission and cookie-based sticky sessions. Supported Supported HTTPS support HTTPS can be used as both the frontend and backend protocol.
For HTTPS listeners, encrypted WebSocket (wss://) is supported by default. Parent topic: Listeners
Authentication Requests for calling an API can be authenticated using either of the following methods: AK/SK authentication: Requests are encrypted using AK/SK pairs. AK/SK authentication is recommended because it is more secure than token authentication.
Adding an HTTPS Listener Scenarios You can add an HTTPS listener if you require encrypted transmission. Load balancers decrypt HTTPS requests before routing them to backend servers. Once the servers process the requests, they send them back to the load balancers for encryption.
Finally, the load balancers send the encrypted requests to the clients. When you add an HTTPS listener, ensure that the backend subnet of the load balancer has sufficient IP addresses.
After receiving the Server Hello packet from the backend server, the load balancer sends an encrypted HTTP GET request to the backend server (in the format of {Private IP address}:{Health check port}/{Health check path}).
data transmission that can prevent unauthorized access Encryption and decryption performed on load balancers Multiple versions of encryption protocols and cipher suites Web applications that require encrypted transmission Frontend Protocols and Ports Frontend protocols and ports
data transmission that can prevent unauthorized access Encryption and decryption performed on load balancers Multiple versions of encryption protocols and cipher suites Workloads that require encrypted transmission, such as e-commerce and financial services Application listeners
