Mutual authentication for Application Load Balancer reliably verifies certificate-based client identities


The article introduces mutual authentication for Application Load Balancer (ALB), which allows ALB to reliably verify certificate-based client identities. This new feature enables offloading client authentication to the load balancer, ensuring only trusted clients communicate with backend applications.

Specifically, the article covers:

  • What mutual authentication (mTLS) is and where it is used, such as B2B applications and online services
  • How to enable and configure mutual authentication on ALB, including trust store setup with CA bundles and certificate revocation lists
  • Two mutual authentication options: Passthrough (sending client certificate chains to backend) and Verify with trust store (ALB verifying client certificates)
  • Using AWS CLI to create trust stores and configure mTLS on ALB
  • Testing mTLS on ALB with self-signed certificates and curl
  • Availability and pricing information

