
Is it possible to configure AWS ELB for HTTPS access in such a way as to support RFC-5746 (TLS Renegotiation Indication Extension)? If so, how?

Caleb
Tarun Upad

1 Answer


See this thread, "disable client-initiated renegotiation", and this one, "is ELB vulnerable to BEAST attack".

The basics of those posts are: No, not with ELB termination of SSL. You need to pass through SSL connections to an instance where you can configure SSL as per requirements.

I am not sure if those posts are still applicable though. I have dealt with McAfee and run a scan against a default ELB policy configuration minus CBC ciphers, and their scans pass PCI compliance.

Brett
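Whichever endpoint ends up terminating TLS (the ELB listener or an instance behind a pass-through listener), RFC 5746 support can be checked by looking for the `renegotiation_info` extension (type `0xff01`) in its ServerHello. The parser below is an added example, not part of the original question or answer; the function names and the sample record are constructed, and it assumes a TLS 1.2 or earlier ServerHello that fits in a single record.

```python
import struct

RENEGOTIATION_INFO = 0xFF01  # extension type assigned by RFC 5746


def server_hello_extensions(record):
    """Return {ext_type: data} for one TLS record carrying a ServerHello."""
    if len(record) < 5:
        raise ValueError("record too short")
    ctype, _version, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if ctype != 0x16 or rec_len < 4 or len(body) != rec_len or body[0] != 0x02:
        raise ValueError("not a complete ServerHello handshake record")
    hello = body[4:4 + int.from_bytes(body[1:4], "big")]
    if len(hello) < 38 or 38 + hello[34] > len(hello):
        raise ValueError("truncated ServerHello")
    pos = 38 + hello[34]  # version(2) random(32) sid_len(1)+sid suite(2) comp(1)
    if pos == len(hello):
        return {}  # no extensions block at all
    end = min(len(hello), pos + 2 + int.from_bytes(hello[pos:pos + 2], "big"))
    pos += 2
    exts = {}
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack("!HH", hello[pos:pos + 4])
        exts[ext_type] = hello[pos + 4:pos + 4 + ext_len]
        pos += 4 + ext_len
    return exts


def rfc5746_status(record):
    """Classify an initial-handshake ServerHello per RFC 5746."""
    data = server_hello_extensions(record).get(RENEGOTIATION_INFO)
    if data is None:
        return "absent"  # server did not signal secure renegotiation
    # On an initial handshake renegotiated_connection must be empty,
    # so the extension body is the single length byte 0x00.
    return "supported" if data == b"\x00" else "invalid"


def build_sample(reneg_body=None):
    """Constructed TLS 1.2 ServerHello record (zeroed random, no session id)."""
    hello = b"\x03\x03" + bytes(32) + b"\x00" + b"\xc0\x2f" + b"\x00"
    if reneg_body is not None:
        ext = struct.pack("!HH", RENEGOTIATION_INFO, len(reneg_body)) + reneg_body
        hello += len(ext).to_bytes(2, "big") + ext
    handshake = b"\x02" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x03" + len(handshake).to_bytes(2, "big") + handshake
```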