AWS负载均衡器不安全
[英]AWS Load Balancer not secure
问题描述
I've configured a classic load balancer using this tutorial: http://docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-getting-started.html 
我已使用此教程配置了经典的负载均衡器: http : //docs.aws.amazon.com/elasticloadbalancing/latest/classic/elb-getting-started.html
I've added an SSL certificate from AWS and the latest cipher. 我添加了来自AWS的SSL证书和最新密码。 The listener if configured to receive connections on port 443 and send them to my instance on port 80. 侦听器(如果配置为在端口443上接收连接并将它们发送到端口80上的我的实例)。
When I try to access the load balancer from a browser using it's DNS name it says that it's not secure. 当我尝试使用其DNS名称从浏览器访问负载平衡器时,它说这是不安全的。
Why is not secure event if it has an SSL certificate? 如果具有SSL证书,为什么不安全事件? How can I make my load balancer secure? 如何使我的负载均衡器安全? In front of the load balancer I want to have cloudflare with a full ssl. 在负载平衡器的前面,我希望cloudflare具有完整的ssl。
1 个解决方案
解决方案1
6 已采纳 2017-03-17 13:18:22
You are seeing that issue because your SSL certificate is for example.com and you are accessing your endpoint using the load balancer URL abc.elb.amazonaws.com . 您正在看到该问题,因为您的SSL证书是example.com并且您正在使用负载均衡器URL abc.elb.amazonaws.com访问端点。 In this situation, the URLs do not match, so your browser is showing the warning. 在这种情况下,URL不匹配,因此您的浏览器显示警告。
In actual use, you should access the load balancer via example.com , matching the domain in the SSL. 在实际使用中,您应该通过example.com访问负载均衡器,该负载均衡器与SSL中的域匹配。 You can do this using a DNS CNAME, or alias (Route 53 only), or hosts file. 您可以使用DNS CNAME或别名(仅适用于Route 53)或hosts文件来执行此操作。 When accessed this way, you will not see the warning since you are accessing your actual domain. 通过这种方式访问时,由于您正在访问实际的域,因此您将不会看到警告。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.