What should a solutions architect do to increase the application’s performance?

By:
On:
In: SAA-C03
Tagged:
With: 0 Comments
A company has a dynamic web application hosted on two Amazon EC2 instances.The company has its own SSL certificate, which is on each instance to perform SSL termination.There has been an increase in traffic recently, and the operations team determined that SSL encryption and decryption is causing the compute capacity of the web servers to reach their maximum limit.

What should a solutions architect do to increase the application’s performance?

Create a new SSL certificate using AWS Certificate Manager (ACM). Install the ACM certificate on each instance.

Create an Amazon S3 bucket Migrate the SSL certificate to the S3 bucket. Configure the EC2 instances to reference the bucket for SSL termination.

Create another EC2 instance as a proxy server. Migrate the SSL certificate to the new instance and configure it to direct connections to the existing EC2 instances.

Import the SSL certificate into AWS Certificate Manager (ACM). Create an Application Load Balancer with an HTTPS listener that uses the SSL certificate from ACM.

Explanations:

While using AWS Certificate Manager (ACM) simplifies SSL management, installing the ACM certificate on each instance does not address the performance issue, as SSL termination is still handled by the instances.

Amazon S3 cannot be used to store SSL certificates for SSL termination. This option does not provide a valid solution for offloading SSL from the EC2 instances.

Creating a new EC2 instance as a proxy server does offload some work, but it still requires managing the SSL certificate manually and does not efficiently scale with increased traffic.

Importing the SSL certificate into ACM and using an Application Load Balancer (ALB) with an HTTPS listener offloads SSL termination from the EC2 instances, improving performan

Leave a Reply

Your email address will not be published. Required fields are marked *

17 − ten =