I have an AWS classic load balancer. Here are my listeners:

The AWS classic load balancer is doing TLS termination and redirecting the traffic to port 30925 of my nodes.

The process listening on port 30925 is an Istio gateway, redirecting traffic afterwards based on the SNI of the request.

However, the AWS classic load balancer doesn't seem to keep the SNI of the request after TLS termination.

Is there any documentation regarding the behavior of the load balancer in that situation?

I found a couple of links talking about SNI (here for example), but they only talk about the load balancer itself handling the routing of the SNI.
Based on the comments.
If you terminate SSL on the load balancer (LB), SSL-related information is not carried over to your targets. To ensure full SSL forwarding to your targets, you have to use a TCP listener. This way your targets will be responsible for handling SSL, and subsequently will be able to custom process it.
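Why the listener type matters, as an added example that is not part of the original answer: SNI is a field inside the client's TLS ClientHello, so a backend can only read it when the load balancer forwards the client's handshake bytes unchanged, as a TCP listener does. The ClientHello and the HTTP request are constructed samples, the plaintext request stands in for what a backend would receive after termination (an assumption about the listener setup), and `build_client_hello` and `extract_sni` are hypothetical helper names.

```python
import struct

def build_client_hello(server_name: str) -> bytes:
    """Constructed sample: minimal TLS ClientHello record carrying one SNI entry."""
    name = server_name.encode("ascii")
    # server_name extension data: list_len(2) | name_type(1)=0 | name_len(2) | name
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    ext_data = struct.pack("!H", len(entry)) + entry
    ext = struct.pack("!HH", 0x0000, len(ext_data)) + ext_data
    body = (b"\x03\x03" + bytes(32)      # client_version, random
            + b"\x00"                    # empty session_id
            + b"\x00\x02\x13\x01"        # cipher_suites: length 2, one suite
            + b"\x01\x00"                # compression_methods: length 1, null
            + struct.pack("!H", len(ext)) + ext)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def extract_sni(data: bytes):
    """Return the SNI host name from the first bytes of a connection, or None."""
    # Record type 0x16 (handshake) at offset 0, handshake type 0x01 (ClientHello) at offset 5.
    if len(data) < 9 or data[0] != 0x16 or data[5] != 0x01:
        return None
    pos = 9 + 2 + 32  # skip record header, handshake header, version, random
    try:
        pos += 1 + data[pos]                               # session_id
        pos += 2 + struct.unpack_from("!H", data, pos)[0]  # cipher_suites
        pos += 1 + data[pos]                               # compression_methods
        ext_end = pos + 2 + struct.unpack_from("!H", data, pos)[0]
        pos += 2
        while pos + 4 <= min(ext_end, len(data)):
            ext_type, ext_len = struct.unpack_from("!HH", data, pos)
            pos += 4
            if ext_type == 0x0000:  # server_name extension
                name_len = struct.unpack_from("!H", data, pos + 3)[0]
                return data[pos + 5:pos + 5 + name_len].decode("ascii")
            pos += ext_len
    except (IndexError, struct.error, UnicodeDecodeError):
        return None
    return None

# TCP listener: the backend receives the client's own handshake bytes.
passthrough_bytes = build_client_hello("app.example.com")
# After termination (assumed plaintext backend): only a Host header, no SNI field.
terminated_bytes = b"GET / HTTP/1.1\r\nHost: app.example.com\r\n\r\n"

if __name__ == "__main__":
    print("TCP passthrough:", extract_sni(passthrough_bytes))
    print("After termination:", extract_sni(terminated_bytes))
```
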