What would be the right answer for AWS EC2 SSL Certificate configuration?


#1

A customer has a website which is accessible over the Internet and he wants to secure the communication and decides to implement HTTPS instead of HTTP. He has configured EC2 instance behind an ELB. Where should you configure the SSL certificate?

a. Not possible in AWS
b. SSL certificate will be installed at ELB and the listener port should be changed from 80
to 443 to allow the traffic to reach EC2
c. SSL certificate will be installed at EC2 and listener port should be changed from 80 to
443
d. SSL certificate will be installed at EC2 and listener port can remain at 443


#2

According to me, it is option b.

Option c. seems to be right. But which one to choose the right option.


#3

B, There is option in ELB to listen request on 443


#4

I can install SSL certificate on EC2 as well. Not clear why not c, why choose option b over option c.


#5

As EC2 is behind ELB so the request will hit first on ELB. Thus it is better to install in ELB rather than EC2.