ejabberd with SSL / TLS and behind an AWS ELB

Hi - my ejabberd instances are behind an elastic load balancer in AWS and I would like to secure the sessions in SSL / TLS. From these two links (https://www.ejabberd.im/forum/28648/ejabberd-letsencrypt-ssl-certificate and https://blog.process-one.net/securing-ejabberd-with-tls-encryption/), I broadly understand how to accomplish the same using letsencrypt. But these instructions are primarily for the scenario where the ejabberd instance is directly facing the client.

Given that I have a load balancer, how does this change? Should I make my ELB TCP listeners to be SSL-configured (with a separate certificate from AWS Certificate Manager)? If so, then how is the SSL session going to be established, i.e. using which certificate?

Many thanks.
Vikram

Syndicate content