# HTTPS/TLS Encryption

To configure **HTTPS/TLS encryption** in front of the WorkSpaces Manager Appliance, you can add a **Network Load Balancer (NLB)** to split the presentation layer into a High Availability (HA) mode. Follow the steps below to set up encryption:

1. **Create a Network Load Balancer**:
   * Navigate to the **EC2 console** and select **Load Balancers**.
   * Create a **Network Load Balancer** with the appropriate settings and assign the correct **Target Group**.
2. **Add a Listener for HTTPS (Port 443)**:
   * In the **Listener** section, add a listener for **HTTPS** on port **443**.
3. **Select Target Group for Default Action**:
   * Under the **Default Action**, select the **Target Group** you created, which points to your EC2 instances running WorkSpaces Manager.
4. **Select the SSL Certificate**:
   * In the **SSL/TLS certificate** section, choose the appropriate certificate from **AWS Certificate Manager (ACM)**.
   * If you don’t have a certificate yet, generate one in ACM for your friendly hostname.
5. **Click ‘Add’**:
   * Complete the setup by clicking **‘Add’** to apply the HTTPS listener and associated settings.

With this configuration, traffic between the client browser and the WorkSpaces Manager Appliance will be securely encrypted using **TLS**, ensuring secure communication across the network.

<figure><img src="/files/uby0nnndBfdVIQBvXE0q" alt=""><figcaption></figcaption></figure>

If you'd like to add a **Friendly Name** and **URL** to your WorkSpaces Manager Portal, please refer to [this appendix](/install/appendices/friendly-portal-url-address.md) for detailed instructions. This appendix will guide you through the steps required to configure a custom domain and associate it with your portal, enhancing accessibility and branding for users.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nuvens.cloud/install/appendices/https-tls-encryption.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.