In this video, you will learn about SSL implementation using OCI Load Balancer. Before we get into the slide OR the demo for this, let's first understand what do we mean by SSL? First of all, we have load balancer with us. The load balancer can be provisioned with SSL or not. There are three choices that we have. You have one or more back-ends sets, which could have a collection of back-end settlers which host the application. You will have end-users who have access to the application and they make requests. The first implementation is where you want to implement SSL in the communication between the clients and the load balancer, which is where this traffic is encrypted. This is Option 1. Option 2 is where you want to encrypt that traffic between the load balancer and the back-end settlers, which is within cloud communication being encrypted. Option 3 is where you enable both, within what end-to-end SSL is implemented. How do we do these is what we are going to see. If you come back to the slides, you will first need to have SSL certificates to be uploaded and use them to implement the encryption. You can get certificates from a certifying authority or you can bring in your own private certificates that is self-signed and OCI accepts only x phi.mine certificates in PEM format and an example is given as to how the certificate will begin. If you have multiple certificates which you want to use for specific purposes, and you'll want to have a specific chain. You will have to upload them in the specific order and bring them into OCI. How do you get your certificates uploaded after the load balancer is provisioned? You go to the load balancer page, go to certificates and add your certificates that you have. Is it a CA-based certificate or is it your own private key that you have? You can choose that, paste the significant or upload the certificate from wherever you have it in your client or in fact, when you provision a load balancer itself, you will have that choice of using encryption when implementing the load balancer itself. Wherein you could at the advanced options when provisioning the load balancer, you don't have any charges here, but in the next screen, when you add the load balancer, back-end set words, you have the ability to use SSL where you could have uploaded certificates or this would have implemented, as I told you earlier, that communication between the client and the load balancer to be encrypted. When you implement a listener, the previous one, this is the communication between the load balancer and the back-end servers. Whereas the SSL that you added, the listener level, going to encrypt the communication between the client and the load balancer. You could have implemented SSL both when implementing the Load Balancer or after implementing the load balancer, you can go and add your certificates. Use cipher suits also for the kind of encryption you want to do and when you add a new back-end set, you can choose to use SSL, but you need to have certificates already uploaded to enable it. Existing back-end set, you can go and edit it and choose to enable SSL for which also you need to add a certificate which would be used for the purpose of encryption. Thus, when you use OCI as load balancer, you will have the ability to implement SSL in various ways. Number one, that emanating at the Load balancer level, which means encrypting traffic from the clients to the listener, or SSL between the load balancer and the back-end servers, which means the load balancer is not encrypting the traffic from the client to the load balancer only the communication within the Cloud between Load Balancer and back-end servers are encrypted or if you enable both SSL's, then it is going to take care in end-to-end encryption. That's about implement SSL in the load balancer service depending on the need you can implement a property.
