Tech Junkie Blog - Real World Tutorials, Happy Coding!: Iaas With AWS: Setup SSL/TLS With Application Load Balancer Part 3

Monday, January 4, 2021

Iaas With AWS: Setup SSL/TLS With Application Load Balancer Part 3

 In the previous post we created four instances with a Launch Template. In this post we are going to add DNS records in Route 53 and configure our Application Load Balancer with our certificates.

Before we start creating stuff let's take a step back and look at how we want to configure the website.  Let's say a bank wants to branch out into investing, so it wants to dedicate to instances to it's investing arm.  In our architecture we would have two target groups, one target group handling traffic for https://acmebanking.com and the other target group handling traffic for https://investing.acmebanking.com

We are going to register all four instances on the load balancer.

1. So now we ready to create an Application Load Balancer, give it a name and for the listener add an HTTPS listener to the existing one


2. For the Availability Zones, choose at least one that matches your server's AZ, click "Next"


3. On the next page select "Choose a certificate from ACM (recommended), select the "Certificate name" from the drop down menu.  Then accept the default "Security policy"


4. Select "Next" then choose a Security Group that allows web traffic, or create an inbound rule that allows it

5.  On the "Configure Routing" page accept the default, create a new target group and change "Health threshold" to 2


6.  On the "Register Targets" page we are going to register the four instances that we've created, click "Review"

7. Click "Create"
8.  If the "Security Group" you choose for the load balancer does not have an inbound rule for HTTPS traffic you will get a warning, so go back to your Security Group and add a HTTPS inbound rule

The warning will go away once you added the rule for HTTPS inbound

8. Now click on "Target Groups" in the EC2 Dashboard and create another target group for investing.acmebanking.com, click on "Create target group: button
Give your target group a name, accept the default and click "Create" you may be wondering why we listen on port 80 that's because the load balancer takes care of HTTPS traffic it has the certificate, the instances does not need to handle HTTPS traffic, it can continue to deal with HTTP traffic.

9. On the "Register targets" page select Server 3 and Server 4

Click "Create target group" button, I believe the target one has all four servers, you can "Deregister" Server 3 and Server 4 on it if you want to now that we have target group 2 or you can leave it if you like.

10.  Now that we have an additional target group we want to add the investing.acmebanking.com certificate to the load balancer.  So click on "Listerners" on the load balancer and click on "View/edit certificates", currently the load balancer only uses target group 1, we are going to change that add a rule to use target group 2

11.  Click on the "+" next to "Certificates", check "investing.acmebanking.com" certificate and click "Add"
12.  There should now be two certificates
13. Now you want to edit the load balancing rules so that it could handle traffic for investing.acmebanking.com. Click on "View/edit rules" on the HTTPS listener

14. Add a host header rule that says if the host header is investing.acmebanking.com forward the traffic to target group 2

Now you should have the following rules








18 comments:

  1. Thanks for sharing this post. You are having great posts on your website but did you know there are many people out there who are not even aware of your website but are searching for the same niche content on internet. So if you want to reach your article to those people you need to promote your website. Start influencing more people by letting your website reach up to them.

    ReplyDelete
  2. This post is not only informative but impressive also, I learned new thing from this blog. This post is so persuasive that it created an urge to choose Mobile application development company. You can email us at sales@appsquadz.com or call us at +91-9717270746

    ReplyDelete
  3. article great
    https://www.digithow.com/2020/06/how-to-travel-on-budget-5-trusted-ways.html

    ReplyDelete
  4. While using the printer on the off chance that it stalls out in the center of the work, it can raise the temper of the user. We have seen numerous user putting their inquiries dependent on ordinance printer in error state issue, for instance what do I do if my group printer is in error state?, how would I get my standard printer out of error state, etc. Consequently, to tackle every one of these inquiries we have the arrangement and it is referenced underneath.
    Printer in an error state canon

    ReplyDelete
  5. Woderful content. I am regularly follow this blog. Thank you for updating such a good content. Please follow my Travel blog for more information about Eco Park in Kolkata.

    My other posts are:
    Victoria Memorial in Kolkata.
    Scuba Diving in Goa.
    Top visiting places in GOA.
    Calangute Beach in Goa.
    Candolim Beach in Goa.
    Baga Beach in Goa.

    ReplyDelete
  6. Since 2007, Electronic Services Has Been Providing Service Repair Installation Home Theater Design Amc Sale & Exchange Of Hi-End Brands Electronics . In Service Field Our Strength Lies In Using Genuine Spare Parts With A Team Of Highly Qualified And Experienced Technicians. We Specialise In Providing Service At The Customer’s Door Step. Over The Years We Are Proud To Have Serviced A Couple Of Thousand Satisfied Customers In Gurgaon. In The Near Future, We Will Accelerate The Services To Metro Cities Across India. Visit or contact www.eleser.in

    ReplyDelete
  7. This is very helpful information. good work and content. article is very interesting and easy to understand and learn. Thanks you for sharing

    https://www.rsoft.in

    ReplyDelete
  8. Hi,
    Thanks for sharing this beautiful and informative article.
    I have really enjoyed reading the article and of course learned several new things from your content.
    I would definitely share this blog on my social media pages.
    Looking forward and waiting for your new blogs
    Thank you

    ReplyDelete

  9. Web SEO Company is headquartered in London, UK. With offices across Australia, Canada, United States and in Europe, Asia, Middle East, Africa and Beyond. Leading Digital Marketing Company specialising in multilingual web design, development, mobile applications, cms and ecommerce development, UI and UX Web Design and SEO Services.

    Specialising in multilingual content writing and content marketing services, multilingual link building services and range of other services including but not limited to: website security, website migration, website seo audit, page speed optimisation, and range of internet, digital marketing, social media and search engine optimisation services.

    If you are looking for a reliable and trusted SEO agency UK for bespoke seo services, then get in touch with their in-house web design experts and seo specialists for Free Consulting Now!

    ReplyDelete
  10. Thank you so much for sharing all this wonderful information.
    I have found it extremely helpful...
    It is so appreciated!!!
    You always have good humor in your Blogs.
    So much fun and easy to read!!
    Your Blog on reading is so full of great insights.
    Your article is so convincing that I never stop myself to say something about it.
    You are doing a great job...Keep it Up!!!
    I’m really happy to say it was an interesting post to read. I learned new information from your article,
    You are doing a great job...!!
    From next time I only read your article because it gives me very useful and informative information which I don't get on other posts
    Really Appreciating...Keep Going!!!!!
    b.tech college in Ghaziabad

    ReplyDelete
  11. Cute Web Design Is A Leading Web Design and Web Development Company Situated In London, UK. Specialists In UI, UX, Minimalist and SEO Friendly Web Designing and Development That Is Safe, Secure, With Great Page Speed and Desktop and Mobile Compatible.

    A well regarded web design company specialising in bespoke mobile applications design and development both for iOS and Android, Ecommerce and CMS Web Design and Development Services with Main Focus On Website Security. If you have an old website and you want it migrated or revamped then they are the right fit for you!

    Moreover, They also provide landing pages design services, professional seo services, link building, SEO Content Writing Services and range of other useful services from Digital Marketing and Internet, Website, Search Engine and Social Media Marketing & Optimisation.

    ReplyDelete
  12. Connect for beautiful and hot girls entertaining services
    Dubai Escorts
    call girls in Dubai

    ReplyDelete
  13. Hi,
    Thanks for sharing this beautiful and informative article.
    I have really enjoyed reading the article and of course learned several new things from your content.
    I would definitely share this blog on my social media pages.
    Looking forward and waiting for your new blogs
    Thank you

    ReplyDelete

Search This Blog