Recent AWS Customer Success Stories & Videos

More AWS Customer Success Stories...

« Route 53 Health Check Improvements - Faster Interval and Configurable Failover | Main | Amazon CloudFront Now Supports Microsoft Smooth Streaming »


Feed You can follow this conversation by subscribing to the comment feed for this post.


Awesome! Finally. :)

What about HSTS Headers?

Jeff Barr

Josh, thanks for the suggestion and the comment. I have forwarded it to Lesley.

Petr Soukup

Is ELB going to support multiple certificates on same port (SNI)? It is curently impossible to use these features sith mutliple domains behind one ELB.



Thanks for the feature request, in the meantime HSTS can be enabled by adding the HSTS "Strict-Transport-Security" header on backend instances. The header will be preserved by ELB load balancers.

Here's the cheat-sheet I use: The linked wiki includes sample configurations for Apache, lighttpd and nginx. HAProxy backends can also be configured to add a header by using the "rspadd" command. IIS can be configured with custom headers in its base configuration, Node can be configured by using res.header() in the first controller, and Ruby On Rails can be configured with by setting response.headers['Strit-Transport-Security'] in a handling method. Other web-servers likely have equivalent configuration parameters.

Elastic Load Balancing


SNI desperately needed... I second Jeff's comment.


Client side authentication on the load balancer also needed.


being able to enable gzip compression on https would also be extremely helpful. perhaps I'm missing something and this is available already -- if so, I don't know how to enable it.

Gabriel Pérez

"SNI desperately needed" +1! When? :-)

Adam Australia

SNI desperately needed... I third Jeff's comment. Adam Australia


While we're piling on suggestions, custom 503 error pages :)

Thomas Bachmann

I found out that newly created Elastic Beanstalk instances also use per default now ELBSecurityPolicy-2014-01.

What about RC4, it's considered weak/broken. What would be a good setting without RC4 but still support IE6 on WinXP?


SNI +1!


Another vote here for SNI. It is now supported in CloudFront, so can we expect this to come soon for ELB?

The comments to this entry are closed.

Featured Events

The AWS Report

Brought to You By

Jeff Barr (@jeffbarr):

Jinesh Varia (@jinman):

Email Subscription

Enter your email address:

Delivered by FeedBurner

April 2014

Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30