> (At least if you are comfortable terminating your SSL at the load balancer. If you plan to use SSL between the AWS LBs and your EC2 instances, then AWS certs don't work there and you'll need to provision them yourself using something like LE).
Interesting note - ALBs/ELBs (NLBs with SSL termination as well, I would assume, but I am not sure) do not perform validation of your backend certificate. You can terminate at the load balancer and use an expired self-signed SHA1 cert for all AWS cares.
ELBs do support public key verification of the backends (search for Enable backend authentication). I believe you are correct wrt ALBs and NLBs, and in neither case does it check the cert ttbomlk, just the public key.