How to setup SSL for instance inside the ELB and communicating with a node instance outside the ELB

Question

I have create an architecture on AWS (hope it should not be wrong) by using the ELB, autoscaling, RDS and one node ec2 instance outside the ELB. Now I am not getting, that, how I can implement the SSL on this architecture.

Let me explain this in brief:

1. I have created one Classic Load Balancer.
2. Created on autoscaling group.
3. Assign instances to autoscaling group.
4. And lastly I have created one Instance that I am using for the node and this is outside the Load Balancer and Autoscaling group.

Now when I have implemented the SSL to my Load Balancer, the inner instances are communicating with the node instance on the HTTP request and because the node instance is outside the load balancer so the request is getting blocked.

Can someone please help me to implement the SSL for this architecture.

Sorry if you got confused with my architecture, if there is any other best architecture could be possible then please let me know I can change my architecture.

Thanks,

Answer 1

When you have static content, your best bet is to serve it from Cloudfront using an S3 bucket as its origin.

About SSL, you could set the SSL at your ELB level, follow the documentation .

Your ELB listens on two ports: 80 and 443 and communicates with your ASG instances only using their open port 80. So when secure requests come to the ELB, it forwards them to your server ( EC2 in the ASG ). Then, your server, listening on port 80, receives the request; if the request have the X-FORWARDED-PROTO HTTPS, the server does nothing, otherwise it sets it and forward/rewrite the URL to be a secure one and the process restart.

I hope this helps and be careful of ERR_TOO_MANY_REDIRECTS