🔥 3-day streak
AWS Certified Advanced Networking - Specialty2 / 141
Question 2 of 141

A financial services company exposes a partner-facing REST API behind an Application Load Balancer (ALB) with an HTTPS listener. Security policy now requires that only partner client applications presenting a certificate issued by the company's own private certificate authority may connect, and any connection presenting an untrusted or expired client certificate must be rejected at the ALB before reaching the backend targets. The team wants a managed solution that minimizes custom code on the targets. Which approach meets these requirements?

Reviewed for accuracy · Report an issueNext question