Ensure All ELB have the latest SSL Security Policies configured


Elastic Load Balancing uses an Secure Socket Layer (SSL) negotiation configuration, known as a security policy, to negotiate SSL/TLS connections between a client and the load balancer. A security policy is a combination of SSL/TLS protocols, ciphers, and the Server Order Preference option.

Elastic Load Balancing supports configuring your load balancer to use either predefined or custom security policies.

Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are cryptographic protocols that are used to encrypt confidential data over insecure networks such as the Internet. The TLS protocol is a newer version of the SSL protocol. In the Elastic Load Balancing documentation, we refer to both SSL and TLS protocols as the SSL protocol.

  • Note: an SSL certificate configured on the ELB and an SSL Security Policy is not
    mandatory if you are terminating SSL connections directly on the EC2
    instances, and using a TCP listener on the ELB (TCP pass-through)








We are now live on AWS Marketplace.
The integrated view of your cloud infrastructure is now easier than ever!