When connecting to our network clients will use HTTPS, which means we're going to need a Transport Layer Security (TLS) certificate:
graph TD A[Traffic] -- HTTPS --> B[ALB] C[ACM] --> D[TLS Certificate] D --> B B -- HTTP --> E[Servers]
AWS Certificate Manager (ACM) can provision this TLS certificate for us, automatically, and handle the validation as well.
We need a TLS certificate because we want to help protect the privacy of the visitors to our website. By encrypting the traffic to and from the web server we're helping to prevent Man In The Middle (MITM) attacks against visitors, preventing their information from being leaked or stolen, or the information being sent to and from the server from being manipulated.
|Domain Name||Validation Method||Alternative Names|
| || || |
The column "Alternative Names" refers to additional addresses that you want the certificate to validate. We've added
www which means we're asking for
httpcats.net to be valid hostnames this certificate can validate.