Topic 1 Question 103
A company needs complete encryption of the traffic between external users and an application. The company hosts the application on a fleet of Amazon EC2 instances that run in an Auto Scaling group behind an Application Load Balancer (ALB).
How can a security engineer meet these requirements?
A. Create a new Amazon-issued certificate in AWS Secrets Manager. Export the certificate from Secrets Manager. Import the certificate into the ALB and the EC2 instances.
B. Create a new Amazon-issued certificate in AWS Certificate Manager (ACM). Associate the certificate with the ALB. Export the certificate from ACM. Install the certificate on the EC2 instances.
C. Import a new third-party certificate into AWS Identity and Access Management (IAM). Export the certificate from IAM. Associate the certificate with the ALB and the EC2 instances.
D. Import a new third-party certificate into AWS Certificate Manager (ACM). Associate the certificate with the ALB. Install the certificate on the EC2 instances.
Comments (10)
- Selected answer: D
Because of the wording of this question, I did not at first know which of options B and D is correct.
However, my conviction that you can't directly install Amazon-issued certificates on EC2 instances (refer to https://repost.aws/knowledge-center/associate-acm-certificate-alb-nlb for more information) made me study a few documents to be sure D is the correct answer.
Please check the Accepted answer in the following thread - https://repost.aws/questions/QUIo7PWvZ3T6aFYCByhZ5f0A/load-certificate-on-alb-and-ec2
👍 9 AgboolaKun 2024/05/27
- Selected answer: D
Q: Can I use certificates on Amazon EC2 instances or on my own servers?
You can use private certificates issued with Private CA with EC2 instances, containers, and on your own servers. At this time, public ACM certificates can be used only with specific AWS services, including AWS Nitro Enclaves. See ACM service integrations.
👍 4 ginseng 2024/09/18
- Selected answer: D
Option D is the correct solution.
To encrypt traffic between external users and the application behind the Application Load Balancer (ALB), a certificate should be imported into AWS Certificate Manager (ACM) and associated with the ALB. The same certificate should also be installed on the EC2 instances.
Option A is incorrect because Secrets Manager is used for storing secrets, not SSL/TLS certificates.
Option B is incorrect because Amazon-issued ACM certificates can only be used with Elastic Load Balancers and Amazon CloudFront. They cannot be exported and installed on EC2 instances.
Option C is incorrect because IAM does not support importing or managing SSL/TLS certificates.
Option D uses a third-party certificate imported into ACM, associated with the ALB, and installed on the EC2 instances. This provides complete encryption between the users and application.
👍 3 azure4life 2024/06/14
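Added example (not part of the original page or its comments): a Python check of the requirement the question turns on, that TLS covers both the client-to-ALB hop and the ALB-to-instance hop. It runs over constructed data shaped like `aws elbv2 describe-listeners` and `describe-target-groups` output; the ARNs, sample configurations and function names are illustrative assumptions.

```python
# Constructed sample data shaped like `aws elbv2 describe-target-groups` and
# `describe-listeners` output; every ARN is a placeholder.
TARGET_GROUPS = {
    "arn:tg/app-https": {"Protocol": "HTTPS", "Port": 443},
    "arn:tg/app-http": {"Protocol": "HTTP", "Port": 80},
}
REDIRECT_80 = {"Port": 80, "Protocol": "HTTP", "DefaultActions": [
    {"Type": "redirect", "RedirectConfig": {"Protocol": "HTTPS", "Port": "443"}}]}
CERT = [{"CertificateArn": "arn:acm/imported-third-party-cert"}]
WEAK = [  # TLS stops at the ALB, plus a plaintext listener on 8080
    {"Port": 443, "Protocol": "HTTPS", "Certificates": CERT, "DefaultActions": [
        {"Type": "forward", "TargetGroupArn": "arn:tg/app-http"}]},
    REDIRECT_80,
    {"Port": 8080, "Protocol": "HTTP", "DefaultActions": [
        {"Type": "forward", "TargetGroupArn": "arn:tg/app-http"}]},
]
FIXED = [  # TLS on both hops; port 80 only redirects to HTTPS
    {"Port": 443, "Protocol": "HTTPS", "Certificates": CERT, "DefaultActions": [
        {"Type": "forward", "TargetGroupArn": "arn:tg/app-https"}]},
    REDIRECT_80,
]


def forward_targets(action):
    """Target group ARNs that a forward action sends traffic to."""
    groups = action.get("ForwardConfig", {}).get("TargetGroups", [])
    arns = {g["TargetGroupArn"] for g in groups}
    if action.get("TargetGroupArn"):
        arns.add(action["TargetGroupArn"])
    return sorted(arns)


def audit(listeners, target_groups):
    """Return (port, finding) pairs; an empty list means both hops use TLS.
    Only default actions are inspected, not per-listener rules."""
    findings = []
    for lst in listeners:
        port, actions = lst["Port"], lst.get("DefaultActions", [])
        if lst["Protocol"] == "HTTP":
            to_https = [a.get("RedirectConfig", {}).get("Protocol") == "HTTPS"
                        for a in actions if a["Type"] == "redirect"]
            if not actions or len(to_https) != len(actions) or not all(to_https):
                findings.append((port, "plaintext client-to-ALB listener"))
        elif not lst.get("Certificates"):
            findings.append((port, "HTTPS listener without a certificate"))
        for arn in (t for a in actions for t in forward_targets(a)):
            if target_groups[arn]["Protocol"] != "HTTPS":
                findings.append((port, "plaintext ALB-to-instance hop: " + arn))
    return findings
```

`audit(WEAK, TARGET_GROUPS)` flags the HTTPS listener whose target group still speaks HTTP, which is the gap left when a certificate is attached to the ALB but not installed on the instances.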