When configuring your ELBs, they can be defined as internal or internet-facing. Internal ELBs only have private internal IP addresses and can only serve requests that originate from within your own VPC. However, internet-facing ELBs are different. They have public DNS names that are resolved to publicly accessible IP addresses, in addition to their own internal IP address used within your VPC.
Therefore, as with many services that traverse the public internet, you may want to implement a level of encryption to increase the security of your solution and minimize threats against your infrastructure. When using ELBs, this encryption can be achieved for your requests through the use of server certificates.
If you select the HTTPS protocol as a listener during the configuration of your ELB, then additional configuration is required under step 2 of the configuration process to manage the encryption, including a server certificate and security policies...