0

We have an application with 2 parallel servers and a Hardware Load Balancer but No Webserver is used. We want to implement SSL for the application. What should be the best approach? 1. Configure SSL certificates on both the Application servers (These are windows 2008 servers); Leaving LB untouch with SSL. 2. Deploy the SSL certificate on Hardware Loadbalancer and doing nothing on Application server.

There is a Support Site from Microsoft which explains the Step by Step process for deploying SSL on Windows server. It is not an eCom site and Max concurrent users is in range of 80-100.

Requesting experts to suggest the best way for implementing the SSL. Pros and Cons. Also the steps involved in implementation.

Shiva S Prakasham
  • 1

1 Answers1

1

You will want to terminate the SSL as close to the edge as possible - from a purely resource perspective. Because SSL traffic is encrypted and involves extra overhead/handshaking, if you terminate it at the LB, you save on some internal network bandwidth. Otherwise, all the extra overhead will need to travel through the LB to your internal servers, and back out again.

However, since your application seems to have low-requirements, it may not affect you much.

As for the steps on how to do this, you will need to check the documentation of your LB. You may even consider buying a LB with hardware SSL acceleration, if your requirements increase substantially in the future.

sybreon
  • 7,405
  • 1
  • 21
  • 20