uksz
Reputation: 18719
Do I need to install SSL on backend if I proxy all of the connection from front-end?
I have the following scenario:
- I use some domain provider to host static files (lets say my site it www.example.com). On the front end, I use SSL that I bought when I was buying the domain.
- As backend, I port all the requests which have some keyword in the url to my backend (Elastic Beanstalk AWS).
Now, my question is:
Do I need to add any key to my backend, or I should be fine just with what I have (SSL on front end, nothing on backend)?
Thanks
Upvotes: 1
Views: 260
Answers (1)
mahatmanich
Reputation: 11033
If your requests towards amazon are in http then, a man in the middle attack is possible.
You need to use https from amazon aws towards beanstalk, then the entire traffic should be encrypted.
SSL for beanstalk should be provided by Amazon.
Your setup (insecure):
https (your ssl cert) -> www.example.com -> http -> beanstalk
You want (secure):
https (your ssl cert) -> www.example.com -> https (ssl cert amazon) -> beanstalk
Update: I guess you need to install a cert there, says amazon!
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https.html
Upvotes: 3
Related Questions
- Is there a way to enable HTTPS on Elastic Beanstalk without a load balancer?
- Is possible to use Amazon Elastic Beanstalk with SSL (HTTPS) without a Load Balancer?
- Can AWS proxy be used to enable https for a http backend?
- TLS on Elastic Beanstalk running reverse proxy
- Do we need ssl certificate for both front end and backend?
- Https on Elastic Beanstalk Without Load Balancer
- Is it necessary to use HTTPS with express while HTTPS is already configured for my Elastic Beanstalk environment?
- SSL on Elastic Beanstalk
- Is the HTTPS required between API Gateway and Elastic Beanstalk?
- setting up https proxy on elastic beanstalk