App Load Balancing vs. Network Load Balancing – either AWS or Azure
Too much work to have SSL on layer 7
Because the application load balancer operates at layer 7, it has to decrypt the HTTP request to inspect its headers, and then encrypt the request again to send it to the web server.
Then your web server decrypts it again to read it. Not only does this add extra latency by doubling the SSL/TLS overhead, but it also means your private key has to be stored at the load balancer level as well as at the web server level.
Layer 4 Ideal for SSL / TLS
If end-to-end encryption is a requirement, it makes more sense to use a layer 4 network load balancer instead of a layer 7 load balancer.
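The two listener setups side by side for AWS, as an added Terraform example that is not part of the original post. All resource names and the three input variables are assumptions chosen for illustration.

```hcl
# Added illustration: every name and variable below is hypothetical.
variable "vpc_id" { type = string }
variable "subnet_ids" { type = list(string) }
variable "certificate_arn" { type = string } # ACM certificate, used by the ALB only

# Layer 7: the ALB terminates TLS, so a certificate and key live on the balancer.
resource "aws_lb" "app" {
  name               = "example-alb"
  load_balancer_type = "application"
  subnets            = var.subnet_ids
}
resource "aws_lb_target_group" "app" {
  name     = "example-alb-https"
  port     = 443
  protocol = "HTTPS" # the ALB opens a second TLS session to the web server
  vpc_id   = var.vpc_id
}
resource "aws_lb_listener" "app" {
  load_balancer_arn = aws_lb.app.arn
  port              = 443
  protocol          = "HTTPS"
  certificate_arn   = var.certificate_arn
  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.app.arn
  }
}

# Layer 4: the NLB forwards TCP bytes; TLS is terminated only on the web server.
resource "aws_lb" "net" {
  name               = "example-nlb"
  load_balancer_type = "network"
  subnets            = var.subnet_ids
}
resource "aws_lb_target_group" "net" {
  name     = "example-nlb-tcp"
  port     = 443
  protocol = "TCP"
  vpc_id   = var.vpc_id
}
resource "aws_lb_listener" "net" {
  load_balancer_arn = aws_lb.net.arn
  port              = 443
  protocol          = "TCP" # no certificate_arn: the balancer never holds a key
  default_action {
    type             = "forward"
    target_group_arn = aws_lb_target_group.net.arn
  }
}
```

With the TCP listener the balancer cannot read HTTP headers, so header- or path-based routing is not available in that setup.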