I will not get into the exact usage of SSL certificates, but I would like to talk about Server Name Indication. With your ALB and NLB load balancer you can enable SNI. This setting allows you to have a client specify the hostname of the EC2 instance they are connecting to. Allow me to explain why this is beneficial. Let’s say you have two SSL certificates, without SNI you ALB or NLB would just have use one SSL and couldn’t use SSL certificates on the two website. Now the client makes a request to connect to the specific server and your LB can acquire the correct certificate and then connect.