diff --git a/pages/index.md b/pages/index.md index 8a6ddee8cae..eb9db599cc6 100644 --- a/pages/index.md +++ b/pages/index.md @@ -684,6 +684,7 @@ + [Updating a Load Balancer size via the Horizon interface](public_cloud/public_cloud_network_services/update-load-balancer-size) + [Tutorials](public-cloud-network-tutorials) + [Configuring a secure Load Balancer with Let's Encrypt](public_cloud/public_cloud_network_services/tutorials-01-secure-lb-letsencrypt) + + [Configuring a TERMINATED_HTTPS listener via CLI / Horizon](pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat) + [Local Zone VPN-as-a-Service (VPNaaS) with Tailscale Integration](public_cloud/compute/local-zones-vpn-tailscale-integration) + [Securing your OVHcloud infrastructure with Stormshield Network Security](public_cloud/public_cloud_network_services/tutorial-stormshield_network_security_vrack) + [Securing your OVHcloud infrastructure with Ubika WAAP Gateway](public_cloud/public_cloud_network_services/tutorial-ubika_vrack) diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/guide.en-gb.md b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/guide.en-gb.md new file mode 100644 index 00000000000..fbbc99a82eb --- /dev/null +++ b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/guide.en-gb.md 
@@ -0,0 +1,176 @@ +--- +title: "Configuring a TERMINATED_HTTPS listener via CLI / Horizon" +excerpt: "Discover how to configure a secure Public Cloud Load Balancer with a certificate from a third-party supplier." +updated: 2024-12-12 +--- + + + +## Objective + +Our Public Cloud Load Balancer is based on [OpenStack Octavia](https://wiki.openstack.org/wiki/Octavia){.external} and is fully integrated into the Public Cloud universe. + +After setting up your Load Balancer, you can configure it with a certificate in order to process HTTPS connections. + +**This tutorial explains how to configure a secure Public Cloud Load Balancer.** + +## Requirements + +- A [Public Cloud project](https://www.ovhcloud.com/en-gb/public-cloud/) in your OVHcloud account +- [Preparing your environment for using the OpenStack API](/pages/public_cloud/compute/prepare_the_environment_for_using_the_openstack_api) +- [OpenStack Octavia client](https://docs.openstack.org/python-octaviaclient/latest/install/index.html) and [OpenStack Barbican](https://docs.openstack.org/python-barbicanclient/latest/install/index.html) set up +- A certificate from a third-party supplier. + +If you are not yet familiar with creating a Load Balancer, please follow our guide on [Getting started with Load Balancer on Public Cloud](/pages/public_cloud/public_cloud_network_services/getting-started-01-create-lb-service) before you continue with this tutorial. + +## Instructions + +### Attaching a Floating IP address to a Load Balancer + +You can find the instructions for this part in this [documentation](/pages/public_cloud/public_cloud_network_services/tutorials-01-secure-lb-letsencrypt) in the section bearing the same name. + +### Preparing the certificate + +For this stage, we will need your certificate, which has already been generated. + +When your certificate is generated by your supplier, you generally receive 2 or 3 files, described as follows: +- Main certificate (.crt or .pem file). 
+- Private key (.key file) generated during the CSR request. +- Intermediate certificate or complete chain (.crt file), if supplied. Some suppliers already include the intermediate chain in the main certificate, in which case you will only receive 2 files. + +> [!warning] +> +> If you have obtained 3 files, you will need to merge the main certificate with the intermediate certificate to create a complete certificate. If your supplier already provides a complete certificate incorporating the intermediate chain, this merging step should be omitted. +> + +```bash +sudo cat > main_certificate.pem +``` + +You need to create a PKCS#12 package with your certificate inside: + +```bash +sudo openssl pkcs12 -export -inkey -in -out domain.tld.p12 +``` + +You must download this file directly onto your computer in order to be able to send it to Openstack Barbican (‘Secret as a Service’). + +```bash +openstack secret store --name='cert-domain.tld' -t 'application/octet-stream' -e 'base64' --payload="$(base64 < domain.tld.p12)" +``` + +### Configuring your Load Balancer + + +/// details | Via Horizon + +In the Horizon interface, open the `Network`{.action} section, then click `Load Balancers.`{.action} + +Select your Load Balancer by clicking on `the name of your Load Balancer.`{.action} + +You can now click on the `Listeners`{.action} section, then on `Create Listener` as follows: + +![listeners list](images/loadbalancerlistenerslist.png){.thumbnail} + +In the first section, called ‘Listener Details’, you need to name the listener, choose the `HTTP`{.action} protocol and the `80`{.action} port. + +![listener creation details section](images/listenerhttpcreation1.png){.thumbnail} + +In the second section called ‘Pool details’, under ‘Create Pool’ click `No`{.action}, then at the bottom click `Create Listener.`{.action}. 
+ +![listener creation pool section](images/listenerhttpcreation2.png){.thumbnail} + +Once this has been created, you can click on `the listener name`{.action}, then `L7 policies.`{.action} and `Create L7 Policy.`{.action}. + +![l7policy creation](images/listenerpolicieslist.png){.thumbnail} + +In this window, you need to name the L7 Policy, choose the value `REDIRECT_TO_URL`{.action} in the ‘Action’ field and then `write its domain name`{.action} in the ‘Redirect URL’ field. You can click on `Create L7 policy`{.action} button at the bottom of the window to create your L7 Policy. + +![l7policy creation](images/l7policycreation.png){.thumbnail} + +/// + +/// details | Via the OpenStack API or via the OVHcloud Control Panel + +To create a listener via the OpenStack API or via the OVHcloud Control Panel you can use [this guide](/pages/public_cloud/public_cloud_network_services/getting-started-01-create-lb-service), in the "Configuring your Load Balancer" section. + +Then configure the redirection of HTTP requests to HTTPS: + +```bash +openstack loadbalancer l7policy create --action REDIRECT_TO_URL --redirect-url https:// --name redirect-to-https http-listener +``` + +/// + +### Configuring the secure Listener on the Load Balancer + +Now that you have managed your certificate, you can add a secure Listener and associate a pool and its members with it: + +/// details | Via Horizon + +In the Horizon interface, open the `Network`{.action} section, then click `Load Balancers.`{.action} + +Select your Load Balancer by clicking on `the name of your Load Balancer.`{.action} + +You can now click on the `Listeners`{.action} section, then on `Create Listener` as follows: + +![listeners list](images/loadbalancerlistenerslist.png){.thumbnail} + +In the first section, called ‘Listener Details’, you need to name the listener, choose the protocol `TERMINATED_HTTPS`{.action} and the port `443`{.action}. 
+ +![listeners https details](images/listenerhttpscreation1.png){.thumbnail} + +In the second section, called ‘Pool Details’, you need to name your Pool, choose the value `ROUND_ROBIN`{.action} in the 'Algortihm' field and press `Yes`{.action} under the “TLS Enabled” field. + +![listeners https pool details](images/listenerhttpscreation2.png){.thumbnail} + +In the third section, called ‘Pool Members’, select the corresponding instance and press the `Add`{.action} button at the end of the line. Once this has been done, select port `80.`{.action} as the ‘Port’. + +![listeners https pool members details](images/listenerhttpscreation3.png){.thumbnail} + +For the ‘Monitor Details’ section, we're going to click `No`{.action} as we won't be demonstrating this part in this guide. + +Now go to the section called `SSL Certificates`{.action} and select the certificate that was previously added to Openstack Barbican, [in this part](#preparingcertificate). +You can click `Create Listener`{.action} button at the bottom of the window to create your configured Load Balancer. + +![listeners https ssl details](images/listenerhttpscreation4.png){.thumbnail} + +/// + +/// details | Via the OpenStack API + +```bash +openstack loadbalancer listener create --protocol-port 443 --protocol TERMINATED_HTTPS --name https-listener --default-tls-container=$(openstack secret list | awk '/ cert-domain.tld / {print $2}') my_load_balancer + +openstack loadbalancer pool create --name pool-tls --lb-algorithm ROUND_ROBIN --listener https-listener --protocol HTTP + +openstack loadbalancer member create --subnet-id my_subnet --address --protocol-port 80 pool-tls +``` + +/// + +You can now access your Load Balancer securely. However, you will need to renew your certificate. Check the renewal policy with your certificate provider. 
+ +## Go further + +[Official documentation of OpenStack Octavia](https://docs.openstack.org/octavia/latest/) + +[Cookbook OpenStack Octavia](https://docs.openstack.org/octavia/latest/user/guides/basic-cookbook.html) + +[Getting started with Load Balancer on Public Cloud](/pages/public_cloud/public_cloud_network_services/getting-started-01-create-lb-service) + +If you need training or technical assistance to implement our solutions, contact your sales representative or click on [this link](https://www.ovhcloud.com/en-gb/professional-services/) to get a quote and ask our Professional Services experts for assisting you on your specific use case of your project. + +Join our community of users on . \ No newline at end of file diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/guide.fr-fr.md b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/guide.fr-fr.md new file mode 100644 index 00000000000..bf4ed70b02a --- /dev/null +++ b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/guide.fr-fr.md 
@@ -0,0 +1,176 @@ +--- +title: "Configurer un listener TERMINATED_HTTPS via CLI / Horizon" +excerpt: "Découvrez comment configurer un Load Balancer Public Cloud sécurisé avec un certificat provenant d'un fournisseur tiers." +updated: 2024-12-12 +--- + + + +## Objectif + +Notre Load Balancer Public Cloud est basé sur le service [Openstack Octavia](https://wiki.openstack.org/wiki/Octavia){.external} et est entièrement intégré dans l'univers Public Cloud. + +Une fois votre Load Balancer mis en place, vous pouvez le configurer avec un certificat afin de traiter les connexions HTTPS. + +**Découvrez comment configurer un Load Balancer Public Cloud sécurisé** + +## Prérequis + +- Un [projet Public Cloud](https://www.ovhcloud.com/fr/public-cloud/) +- Utiliser l'environnement de commande d'Openstack ([Tutoriel](/pages/public_cloud/compute/prepare_the_environment_for_using_the_openstack_api)) +- Avoir installé le [client Openstack Octavia](https://docs.openstack.org/python-octaviaclient/latest/install/index.html) et [Openstack Barbican](https://docs.openstack.org/python-barbicanclient/latest/install/index.html) +- Un Load Balancer actif dans votre projet +- Un certificat provenant d'un fournisseur tiers. + +Si vous n'êtes pas encore familier avec la création du Load Balancer, veuillez consulter notre guide « [Premiers pas avec le service Load Balancer Public Cloud](/pages/public_cloud/public_cloud_network_services/getting-started-01-create-lb-service) » avant de poursuivre la lecture de ce guide. + +## En pratique + +### Attacher une adresse Floating IP à un Load Balancer + +Vous trouverez les instructions pour cette partie dans cette [documentation](/pages/public_cloud/public_cloud_network_services/tutorials-01-secure-lb-letsencrypt) dans la section portant le même nom. + +### Préparation du certificat + +Nous aurons pour cette étape besoin de votre certificat, généré au préalable. 
+ +Lors de la génération de votre certificat auprès de votre fournisseur, vous recevez généralement 2 ou 3 fichiers, décrits comme suit : +- Certificat principal (fichier au format .crt ou .pem). +- Clé privée (fichier .key) générée lors de la requête CSR. +- Certificat intermédiaire ou chaîne complète (fichier .crt), si fourni. Certains fournisseurs intègrent déjà la chaîne intermédiaire au certificat principal, auquel cas vous ne recevrez que 2 fichiers. + +> [!warning] +> +> Si vous avez obtenu 3 fichiers, il vous faudra fusionner le certificat principal avec le certificat intermédiaire pour créer un certificat complet. Si votre fournisseur fournit déjà un certificat complet intégrant la chaîne intermédiaire, cette étape de fusion doit être omise. +> + +```bash +sudo cat > main_certificate.pem +``` + +Vous devez créer un package PKCS#12 avec votre certificat à l'intérieur : + +```bash +sudo openssl pkcs12 -export -inkey -in -out domain.tld.p12 +``` + +Vous devez télécharger ce fichier directement sur votre ordinateur afin de pouvoir l'envoyer dans Openstack Barbican ("Secret as a Service"). + +```bash +openstack secret store --name='cert-domain.tld' -t 'application/octet-stream' -e 'base64' --payload="$(base64 < domain.tld.p12)" +``` + +### Configurer le Load Balancer + +/// details | Depuis l'interface Horizon + +Dans l'interface d'Horizon, `ouvrir la section Network`{.action} puis cliquer sur `Load Balancers.`{.action} + +Sélectionnez votre Load Balancer en cliquant sur `le nom de votre Load Balancer.`{.action} + +Vous pouvez désormais cliquer sur la section `Listeners`{.action}, puis sur `Create Listener` comme suit : + +![listeners list](images/loadbalancerlistenerslist.png){.thumbnail} + +Dans la première section nommée 'Listener Details', il faut nommer le listener, choisir le protocol `HTTP`{.action} ainsi que le port `80`{.action}. 
+ +![listener creation details section](images/listenerhttpcreation1.png){.thumbnail} + +Dans la seconde nommée 'Pool détails', sous 'Create Pool' cliquez sur `No`{.action}, puis en bas, cliquez sur `Create Listener.`{.action} + +![listener creation pool section](images/listenerhttpcreation2.png){.thumbnail} + +Une fois celui-ci crée, vous pouvez cliquer sur `le nom du listener`{.action}, puis sur `L7 policies.`{.action} et `Create L7 Policy.`{.action} + +![l7policy creation](images/listenerpolicieslist.png){.thumbnail} + +Dans cette fenêtre, il faut nommer la L7 Policy, choisir dans le champs 'Action' `la valeur REDIRECT_TO_URL`{.action} puis `écrire son nom de domaine`{.action} dans le champs 'Redirect URL'. Vous pouvez cliquer sur le bouton `Create L7 policy`{.action} en bas de la fenêtre pour créer votre L7 Policy. + +![l7policy creation](images/l7policycreation.png){.thumbnail} + +/// + +/// details | Depuis l'API OpenStack ou l'espace client OVHcloud + +Pour créer un listener via l'API OpenStack ou via l'espace client OVHcloud, vous pouvez utiliser [ce guide](/pages/public_cloud/public_cloud_network_services/getting-started-01-create-lb-service), dans la section « Configurer votre Load Balancer ». 
+ +Puis configurer la redirection des requêtes HTTP vers HTTPS : + +```bash +openstack loadbalancer l7policy create --action REDIRECT_TO_URL --redirect-url https:// --name redirect-to-https http-listener +``` + +/// + +### Configurer le Listener sécurisé sur le Load Balancer + +Maintenant que vous avez géré votre certificat, vous pouvez ajouter un Listener sécurisé et y associer un pool et ses membres : + +/// details | Depuis l'interface Horizon + +Dans l'interface d'Horizon, `ouvrir la section Network`{.action} puis cliquer sur `Load Balancers.`{.action} + +Sélectionnez votre Load Balancer en cliquant sur `le nom de votre Load Balancer.`{.action} + +Vous pouvez désormais cliquer sur la section `Listeners`{.action}, puis sur `Create Listener` comme suit : + +![listeners list](images/loadbalancerlistenerslist.png){.thumbnail} + +Dans la première section nommée 'Listener Details', il faut nommer le listener, choisir le protocol `TERMINATED_HTTPS`{.action} ainsi que le port `443`{.action}. + +![listeners https details](images/listenerhttpscreation1.png){.thumbnail} + +Dans la seconde section nommée 'Pool Details', il faut nommer son Pool, choisir dans le champs 'Algortihm' `la valeur 'ROUND_ROBIN`{.action} et appuyer sur `Yes`{.action} sous le champs 'TLS Enabled'. + +![listeners https pool details](images/listenerhttpscreation2.png){.thumbnail} + +Dans la troisème section nommée 'Pool Members', il faut choisir l'instance correspondante et appuyer sur le bouton `Add`{.action} se trouvant en fin de ligne, puis lorsque ceci est fait, il faut sélectionner comme 'Port' le port `80.`{.action} + +![listeners https pool members details](images/listenerhttpscreation3.png){.thumbnail} + +Concernant la section 'Monitor Details', nous allons cliquer sur `No`{.action} car nous ne feront pas la démonstration de cette partie dans ce guide. 
+ +Rendez-vous maintenant dans la section nommée `SSL Certificates`{.action} et sélectionnez le certificat qui à été ajouté préalablement sur Openstack Barbican, [dans cette partie](#preparingcertificate). +Vous pouvez cliquer sur le bouton `Create Listener`{.action} en bas de la fenêtre pour créer votre Load Balancer configuré. + +![listeners https ssl details](images/listenerhttpscreation4.png){.thumbnail} + +/// + +/// details | Depuis l'API OpenStack + +```bash +openstack loadbalancer listener create --protocol-port 443 --protocol TERMINATED_HTTPS --name https-listener --default-tls-container=$(openstack secret list | awk '/ cert-domain.tld / {print $2}') my_load_balancer + +openstack loadbalancer pool create --name pool-tls --lb-algorithm ROUND_ROBIN --listener https-listener --protocol HTTP + +openstack loadbalancer member create --subnet-id my_subnet --address --protocol-port 80 pool-tls +``` + +/// + +Vous pouvez maintenant accéder à votre Load Balancer de manière sécurisée. Attention toutefois, il faudra renouveler le certificat. Vérifiez la politique de renouvellement auprès de votre fournisseur de certificat. + +## Aller plus loin + +[Premiers pas avec le service Load Balancer pour Public Cloud](/pages/public_cloud/public_cloud_network_services/getting-started-01-create-lb-service) + +[Documentation officielle d'Openstack Octavia](https://docs.openstack.org/octavia/latest/) + +[Cookbook Openstack Octavia](https://docs.openstack.org/octavia/latest/user/guides/basic-cookbook.html) + +Si vous avez besoin d'une formation ou d'une assistance technique pour la mise en oeuvre de nos solutions, contactez votre commercial ou cliquez sur [ce lien](https://www.ovhcloud.com/fr/professional-services/) pour obtenir un devis et demander une analyse personnalisée de votre projet à nos experts de l’équipe Professional Services. + +Échangez avec notre [communauté d'utilisateurs](/links/community). 
diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/l7policycreation.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/l7policycreation.png new file mode 100644 index 00000000000..da5a939c477 Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/l7policycreation.png differ diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpcreation1.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpcreation1.png new file mode 100644 index 00000000000..6140fea53f9 Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpcreation1.png differ diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpcreation2.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpcreation2.png new file mode 100644 index 00000000000..eb582e0a8c1 Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpcreation2.png differ diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation1.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation1.png new file mode 100644 index 00000000000..557fae58ee1 Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation1.png differ 
diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation2.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation2.png new file mode 100644 index 00000000000..9e4700a5418 Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation2.png differ diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation3.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation3.png new file mode 100644 index 00000000000..86709dcaa2c Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation3.png differ diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation4.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation4.png new file mode 100644 index 00000000000..8a43fd61ac3 Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerhttpscreation4.png differ diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerpolicieslist.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerpolicieslist.png new file mode 100644 index 00000000000..2a9d7cb511a Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/listenerpolicieslist.png differ 
diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/loadbalancerlistenerslist.png b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/loadbalancerlistenerslist.png new file mode 100644 index 00000000000..75360720dcf Binary files /dev/null and b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/images/loadbalancerlistenerslist.png differ diff --git a/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/meta.yaml b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/meta.yaml new file mode 100644 index 00000000000..4c4b7dbff5a --- /dev/null +++ b/pages/public_cloud/public_cloud_network_services/tutorials-02-secure-lb-external-certificat/meta.yaml @@ -0,0 +1,2 @@ +id: 971a9f5e-3149-4fba-9b70-c94629dcdbcf +full_slug: public-cloud-network-load-balancer-third-party-certificat \ No newline at end of file
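Review bot: In pages/index.md, the added entry's link target starts with `pages/public_cloud/...`, while the neighbouring entries in the same list (for example the Let's Encrypt tutorial on the line above) use `public_cloud/...` with no `pages/` prefix. Drop the prefix so the new tutorial resolves the same way as its siblings.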
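Review bot: In guide.en-gb.md, several commands in the added code blocks have no operands and cannot be run as written: `sudo cat > main_certificate.pem` names no input files, `openssl pkcs12 -export -inkey -in -out domain.tld.p12` gives no value to `-inkey` or `-in`, `--redirect-url https://` has no host, and `member create --subnet-id my_subnet --address --protocol-port 80` has no address. If these were angle-bracket placeholders, they are not surviving; use a placeholder style that renders, as the file already does with `my_load_balancer` and `my_subnet`. In the same section, `sudo` is not needed: it does not apply to the `>` redirection, and neither `cat` nor `openssl pkcs12` requires root for files the user owns. Because `domain.tld.p12` contains the private key, the text should say what to enter at the export-password prompt and tell the reader to delete or restrict the local copy once `openstack secret store` has succeeded. Two smaller gaps: the closing line "Join our community of users on ." has lost its link, and the Requirements list omits the active Load Balancer that the French version lists.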
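Review bot: In guide.fr-fr.md (and the matching English steps), the Horizon path and the CLI path for the secure listener do not build the same pool: the Horizon 'Pool Details' step says to press `Yes` under 'TLS Enabled', while the CLI creates the pool with `--protocol HTTP` and no TLS option, and both paths add the member on port `80`. Please align the two so the reader ends up with the same backend behaviour whichever tab they follow. In the CLI block, `--default-tls-container=$(openstack secret list | awk '/ cert-domain.tld / {print $2}')` selects by name; the closing paragraph says the certificate will have to be renewed, and a second `openstack secret store` with the same `--name` would make this match more than one row. Capturing the secret reference when it is stored, or using a dated name, would avoid that. The link `[dans cette partie](#preparingcertificate)` targets an anchor that no heading in the file defines. Typos to fix in this file: 'Algortihm', the unbalanced quote in `la valeur 'ROUND_ROBIN`, "crée" (créé), "troisème", "à été" (a été), "nous ne feront pas" (ferons), and "le champs" (champ).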
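Review bot: In meta.yaml, `full_slug` ends in `third-party-certificat` while the directory is named `tutorials-02-secure-lb-external-certificat`: both spell `certificat` without the final `e`, and they use two different words (`third-party` and `external`) for the same guide. The slug becomes a public URL, so settle on one spelling and one term before merge rather than renaming later. The file also has no trailing newline, as does guide.en-gb.md.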