Objective:
Ensure all traffic is encrypted using HTTPS.
Maintain the same endpoint (www.example.com) for existing users.
Use the validated ACM certificate for encryption.
Steps to Implement (Following Option D):
Step 1: Modify the HTTP Listener (Port 80):
Navigate to the ALB settings in the AWS Management Console.
Locate the existing HTTP listener on port 80.
Add a rule to redirect all HTTP traffic to HTTPS on port 443.
Redirection ensures users accessing http://www.example.com are automatically sent to https://www.example.com without any manual changes.
Step 2: Create an HTTPS Listener (Port 443):
Add a new listener for HTTPS on port 443 to the ALB.
Configure the listener to use the ACM certificate for www.example.com.
Set the default action to forward requests to the target group serving the application.
Step 3: Test the Configuration:
Verify that both http://www.example.com and https://www.example.com work seamlessly, with HTTP requests being redirected to HTTPS.
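An added example (not part of the original explanation) that checks Steps 1 and 2 offline against JSON shaped like the output of aws elbv2 describe-listeners. The sample data and placeholder ARNs are constructed, and the function name audit_listeners is hypothetical. It inspects only each listener's default action, so a redirect implemented as a non-default rule would also need aws elbv2 describe-rules.

```python
import json

# Constructed sample shaped like `aws elbv2 describe-listeners` output.
# The ARNs are placeholders, not values from the page.
CERT = "arn:aws:acm:REGION:ACCOUNT:certificate/PLACEHOLDER"
SAMPLE = json.loads("""
{"Listeners": [
  {"Port": 80, "Protocol": "HTTP", "DefaultActions": [
    {"Type": "redirect", "RedirectConfig": {"Protocol": "HTTPS", "Port": "443",
      "Host": "#{host}", "Path": "/#{path}", "Query": "#{query}",
      "StatusCode": "HTTP_301"}}]},
  {"Port": 443, "Protocol": "HTTPS",
   "Certificates": [{"CertificateArn": "arn:aws:acm:REGION:ACCOUNT:certificate/PLACEHOLDER"}],
   "DefaultActions": [{"Type": "forward",
     "TargetGroupArn": "arn:aws:elasticloadbalancing:REGION:ACCOUNT:targetgroup/PLACEHOLDER"}]}
]}
""")


def audit_listeners(described, expected_cert_arn=None):
    """Return findings for Steps 1 and 2; an empty list means both hold."""
    findings = []
    by_port = {item["Port"]: item for item in described.get("Listeners", [])}

    http = by_port.get(80)
    if http is None:
        findings.append("port 80: no listener, http:// users are not redirected")
    else:
        # RedirectConfig of the first redirect action, or None if there is none.
        cfg = next((a.get("RedirectConfig", {}) for a in http.get("DefaultActions", [])
                    if a.get("Type") == "redirect"), None)
        if cfg is None:
            findings.append("port 80: default action is not a redirect")
        elif (cfg.get("Protocol"), cfg.get("Port")) != ("HTTPS", "443"):
            findings.append("port 80: redirect does not target HTTPS on 443")
        elif cfg.get("Host", "#{host}") != "#{host}":
            findings.append("port 80: redirect changes the host name")

    https = by_port.get(443)
    if https is None or https.get("Protocol") != "HTTPS":
        findings.append("port 443: no HTTPS listener")
    else:
        arns = [c.get("CertificateArn") for c in https.get("Certificates", [])]
        if not arns:
            findings.append("port 443: no certificate attached")
        elif expected_cert_arn and expected_cert_arn not in arns:
            findings.append("port 443: expected ACM certificate not attached")
        if not any(a.get("Type") == "forward" for a in https.get("DefaultActions", [])):
            findings.append("port 443: default action does not forward to a target group")
    return findings
```

Calling audit_listeners(SAMPLE, CERT) returns an empty list for the constructed sample; any finding names the step that is not yet in place.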
AWS References:
ALB HTTPS Redirection: Redirect HTTP to HTTPS using ALB
SSL Certificates with ACM: Using ACM certificates with ALB
Best Practices for ALB Configuration: ALB Listener Rules
Why Other Options Are Incorrect:
Options A and B: Do not address the redirection from HTTP to HTTPS, leaving the application exposed to unencrypted traffic.
Option C: Incorrectly suggests modifying the HTTP listener’s default rule for SSL, which is technically unsupported. The HTTP listener cannot use an SSL certificate.