1 Answer
- Newest
- Most votes
- Most comments
1
I haven't tested this but looking at this blog here - https://aws.amazon.com/blogs/aws/mutual-authentication-for-application-load-balancer-to-reliably-verify-certificate-based-client-identities/ - your use case is not supported. Your options are mTLS passthrough where the mTLS auth is happening between origin and client or "verify with trust store" where the mTLS happens between Client and ALB. I don't see any way to configure it to do TLS to ALB and mTLS from ALB to origin.
Given this is a newly supported feature, I would not be surprised to see additional releases in future which may then cover your use case but for now the mTLS options on ALB won't work for your quoted use case.
answered a year ago
Relevant content
- asked 9 months ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated a year ago
- AWS OFFICIALUpdated 7 months ago
- AWS OFFICIALUpdated 8 months ago