Load Balancer SSL Certificates

You can import and manage SSL certificates through the Load Balancing service, but the service does not generate any certificates. An SSL certificate can be one issued by a vendor such as VeriSign or GoDaddy, or a self-signed certificate that you generate with a tool like OpenSSL or Let's Encrypt.

If you configure HTTPS or SSL for a listener, an SSL server certificate must be associated with the load balancer. A certificate enables the load balancer to terminate the connection and decrypt incoming requests before passing them to the backend servers. You can apply the following SSL configurations to your load balancer:

  • SSL termination: The load balancer handles incoming SSL traffic and passes the unencrypted request to a backend server.
  • Point-to-point SSL: The load balancer terminates the SSL connection with an incoming traffic client, and then initiates an SSL connection to a backend server.
  • SSL tunneling: If you configure the load balancer's listener for TCP traffic, the load balancer tunnels incoming SSL connections to your application servers.

Load Balancing supports the TLS 1.2 protocol with a default setting of strong cipher strength.

To use standard SSL with a load balancer and its resources, you must supply a certificate. To use mutual TLS (mTLS) with your load balancer, you must add one or more certificate authority bundles (CA bundles) to your system. A certificate bundle includes the public certificate, the corresponding private key, and any associated Certificate Authority (CA) certificates. It is recommended that you upload the certificate bundles before creating the listeners or backend sets you want to associate them with. Only X.509 certificates in PEM format are accepted.

Load balancers commonly use single domain certificates. However, load balancers with listeners that include request routing configuration might require a subject alternative name (SAN) certificate (also called multi-domain certificate) or a wildcard certificate. The Load Balancing service supports each of these certificate types.

SSL Traffic Handling Configuration

You can configure a load balancer to handle SSL traffic in different ways at different stages of the secured connection.

Terminating SSL at the Load Balancer

This configuration is known as frontend SSL. The load balancer accepts encrypted traffic from clients, and traffic between the load balancer and the backend servers is not encrypted.

To terminate SSL at the load balancer, you must create a listener at a port such as 443, and then associate an uploaded certificate bundle with the listener.

Implementing Backend SSL

In a backend SSL configuration, the load balancer does not accept encrypted traffic from clients. Traffic between the load balancer and the backend servers is encrypted.

To implement SSL between the load balancer and your backend servers, you must associate an uploaded certificate bundle with the backend set.

If you want to have more than one backend server in the backend set, have the backend server certificates signed by an intermediate CA. The intermediate CA certificate must be included as part of the certificate bundle.

Your backend services must be able to accept and terminate SSL.

Implementing Point-to-Point SSL

In a point-to-point SSL configuration, the load balancer accepts SSL-encrypted traffic from clients and encrypts traffic to the backend servers.

To implement point-to-point SSL, you must associate uploaded certificate bundles with both the listener and the backend set.

Uploading Certificate Chains

If multiple certificates form a single certification chain (for example, when intermediate certificate authority (CA) certificates are used), include all relevant certificates in a single PEM file in the correct order before uploading them to the system. The correct order places the certificate directly signed by the trusted root certificate authority at the bottom of the list. Any additional certificates are pasted above that certificate, with the server certificate at the top.

Combine the server certificate (ssl-certificate.crt) and the intermediate CA certificate (intermediate-ca-cert.crt) files into a single, concatenated PEM file, server certificate first:

cat ssl-certificate.crt intermediate-ca-cert.crt > certbundle.pem

Peer Certificate Verification

When SSL is set up on the load balancer, the listener responds to an incoming client request with a certificate that the client can verify for authenticity. Enabling peer certificate verification adds an extra layer of security: it requires the client (peer) to present a certificate that the listener can validate. In other words, peer certificate verification establishes mutual authentication between client and server.

If peer certificate verification is configured incorrectly, the client is unable to verify the certificate and reports an SSL handshake failure. The error message varies by client type. You can use the OpenSSL utility to check the depth at which the validation fails:

$ openssl verify -verbose -CAfile root-cert.pem intermediate-cert.pem
error 20 at 0 depth lookup: unable to get local issuer certificate

To resolve these verification errors, confirm that the client certificate and certificate authority certificate match, and make sure the certificates are included in the correct order.

SSL Key Issues

The following key-related problems are known to occur when configuring SSL for a load balancer.

Key Pair Mismatch

If the private and public key do not match, attempting to upload them results in a mismatch error. Use the following OpenSSL commands to confirm that the public and private key are part of the same pair:

openssl x509 -in certificate_name.crt -noout -modulus | openssl sha1
openssl rsa -in private_key_name.key -noout -modulus | openssl sha1

The SHA-1 hash values returned by these commands must match exactly. If they differ, the private key does not belong to the public key in the certificate, and this key cannot be used.
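The checks described above (bundle ordering, chain verification against a root CA, and the modulus comparison for a key pair mismatch) put together as an added POSIX shell example; it is not from the original page or the Load Balancing service. It assumes an `openssl` binary is on the PATH and generates its own constructed root, intermediate and server certificates in a scratch directory, so no real certificates or keys are involved. The function and file names (`gen_pki`, `bundle_order_ok`, `verify_bundle`, `keys_match`, `lb.example.test`) are hypothetical.

```shell
# Constructed three-tier test PKI (not a real CA); everything is generated in a scratch directory.
set -eu
WORK=$(mktemp -d); cd "$WORK"

gen_pki() {
  openssl req -x509 -newkey rsa:2048 -nodes -keyout root.key -out root.pem \
    -subj "/CN=Example Root CA" -days 3 2>/dev/null
  printf 'basicConstraints=critical,CA:TRUE,pathlen:0\nkeyUsage=critical,keyCertSign,cRLSign\n' >ca.ext
  openssl req -newkey rsa:2048 -nodes -keyout intermediate.key -out intermediate.csr \
    -subj "/CN=Example Intermediate CA" 2>/dev/null
  openssl x509 -req -in intermediate.csr -CA root.pem -CAkey root.key -CAcreateserial \
    -extfile ca.ext -days 3 -out intermediate.pem 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -keyout server.key -out server.csr \
    -subj "/CN=lb.example.test" 2>/dev/null
  openssl x509 -req -in server.csr -CA intermediate.pem -CAkey intermediate.key \
    -CAcreateserial -days 3 -out server.pem 2>/dev/null
}

# Print the k-th PEM certificate block of a bundle ($1 = bundle, $2 = k).
nth_cert() { awk -v k="$2" '/BEGIN CERT/{c++} c==k' "$1"; }

# Returns 0 when each certificate was issued by the one directly below it (leaf on top, root-signed at the bottom).
bundle_order_ok() { # $1 = bundle
  n=$(grep -c 'BEGIN CERT' "$1"); i=1
  while [ "$i" -lt "$n" ]; do
    issuer=$(nth_cert "$1" "$i" | openssl x509 -noout -issuer)
    subject=$(nth_cert "$1" $((i + 1)) | openssl x509 -noout -subject)
    [ "${issuer#issuer=}" = "${subject#subject=}" ] || return 1
    i=$((i + 1))
  done
}

# Returns 0 when the leaf chains to the trusted root using only the bundle's own intermediates;
# a bundle whose intermediate is missing fails the way the page's "error 20" output shows.
verify_bundle() { # $1 = bundle, $2 = trusted root certificate
  nth_cert "$1" 1 >"$1.leaf"
  awk '/BEGIN CERT/{c++} c>1' "$1" >"$1.untrusted"
  if [ -s "$1.untrusted" ]; then
    openssl verify -CAfile "$2" -untrusted "$1.untrusted" "$1.leaf" >/dev/null 2>&1
  else
    openssl verify -CAfile "$2" "$1.leaf" >/dev/null 2>&1
  fi
}

# Returns 0 when certificate and private key share a modulus (the page's SHA-1 comparison).
keys_match() { # $1 = certificate, $2 = private key
  c=$(openssl x509 -in "$1" -noout -modulus | openssl sha1)
  k=$(openssl rsa -in "$2" -noout -modulus 2>/dev/null | openssl sha1)
  [ "$c" = "$k" ]
}

gen_pki
cat server.pem intermediate.pem >certbundle.pem   # the page's ordering: server certificate first
```

Running the file leaves the generated material under the scratch directory, where `bundle_order_ok certbundle.pem`, `verify_bundle certbundle.pem root.pem` and `keys_match server.pem server.key` can be called; `verify_bundle server.pem root.pem` fails because no intermediate is supplied.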

Private Key Consistency

In general, when errors occur that are related to a private key, you can use the OpenSSL utility to check the key's consistency. This command verifies that the key is intact, the passphrase is correct, and the file contains a valid RSA private key:

openssl rsa -check -in private_key.pem

Private Key Decryption

If the system does not recognize the encryption technology used for a private key, you should decrypt the key and upload the unencrypted version of the key with your certificate bundle. You can use the OpenSSL utility to decrypt a private key:

openssl rsa -in private_key.pem -out private_key_decrypted.pem