A media firm is launching its online digital entertainment channel which will be launched in five different languages.
For this digital content sharing, web applications will be deployed in EC2 instances spread across multiple AZ.
ELB will be used as a front-end service to handle all user requests.
All traffic between users & ELB should be over a secure channel.
For different languages, they have registered multiple domains with AWS Route 53
The client needs to host multiple domains on ELB.
Which of the following can be used for ELB to support multiple domains? (Select Three.)
Click on the arrows to vote for the correct answer
A. B. C. D. E.Correct Answer - A, B and E.
ELB can be configured as an HTTPS Listener to have secure HTTPS communication between client & ELB instead of having encryption at the server level.
For HTTPS listeners, SSL/TLS certificate needs to be specified.
To deploy multiple domains on a single ELB, any of the following needs to be done to specify the certificate.
1)Specify additional certificates apart from the Default certificate.
2)Use Wildcard certificate which will cover all domains.
3)Use Subject Alternative Name (SAN) for each additional domain.
Option C is incorrect as the Default certificate can be used only if there is no matching certificate in the certificate list & not for multiple domains with root & subdomains.
Option D is incorrect as the Default Certificate will be used for only one domain & not for multiple domains.
For more information on creating HTTPS Listener for ALB, refer to the following URL.
https://docs.aws.amazon.com/elasticloadbalancing/latest/application//create-https-listener.htmlTo support multiple domains on an Elastic Load Balancer (ELB), there are several options available. Three of these options are:
A. Add Subject Alternative Name for additional domains to be used with EL B. Add additional certificates to the certificate list E. Use Wildcard Certificate for all domains
Here is a more detailed explanation of each option:
A. Add Subject Alternative Name for additional domains to be used with EL: This option involves adding additional domain names as Subject Alternative Names (SANs) to the SSL certificate used by ELB. To use this option, you will need to purchase a certificate that supports SANs, which allows for multiple domain names to be included in the same certificate. Once you have the certificate, you can add the additional domain names as SANs to the certificate and then upload it to ELB.
B. Add additional certificates to the certificate list: This option involves adding additional SSL certificates to the certificate list used by ELB. To use this option, you will need to purchase and upload separate SSL certificates for each domain name that you want to support. You can then add these certificates to the certificate list used by ELB.
E. Use Wildcard Certificate for all domains: This option involves using a single wildcard SSL certificate that covers all of the domain names that you want to support. A wildcard certificate can be used to secure multiple subdomains under a single domain name. For example, a wildcard certificate for "*.example.com" would cover "www.example.com", "blog.example.com", "store.example.com", etc. To use this option, you will need to purchase and upload a wildcard SSL certificate to ELB.
C. Use default certificates for the root domain & additional certificates for subdomains: This option involves using a default certificate for the root domain and separate certificates for each subdomain. However, this option is not included in the possible answers.
D. Use Default certificate with EL: This option involves using the default SSL certificate provided by AWS Certificate Manager (ACM) for ELB. However, this option is not recommended for production use as the default certificate is not trusted by all web browsers and does not provide a secure channel between users and ELB.
In conclusion, options A, B, and E can all be used to support multiple domains on ELB. Option A requires a SAN certificate, option B requires separate certificates for each domain, and option E requires a wildcard certificate.