SSL/TLS Termination
An SSL/TLS termination proxy is a proxy server that handles incoming TLS connections, decrypting the traffic and passing the unencrypted requests on to other servers. This reduces the load on the upstream servers, which no longer have to handle decryption and encryption.
- Apache HTTP Server, HAProxy, NGINX, and Squid can all act as SSL termination proxies
- SSL can be terminated at the load balancer level if the connection to the upstream (data centers or cloud servers) is very trustworthy
- This source mentions that SSL should be terminated at the load balancer because it offers a centralized place to correct SSL attacks, reducing termination complexity
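
The termination setup described above, written out as an NGINX configuration. This is an added example, not part of the original notes; the hostname, certificate paths and upstream addresses are placeholders.

```nginx
# Added example: this belongs inside the http { } block of nginx.conf.
# Upstream application servers (constructed addresses); they speak plain HTTP.
upstream app_servers {
    server 10.0.0.11:8080;
    server 10.0.0.12:8080;
}

server {
    # TLS is terminated here: the proxy holds the certificate and private key.
    listen 443 ssl;
    server_name www.example.com;                      # placeholder hostname

    ssl_certificate     /etc/nginx/tls/example.crt;   # placeholder path
    ssl_certificate_key /etc/nginx/tls/example.key;   # placeholder path
    ssl_protocols       TLSv1.2 TLSv1.3;

    location / {
        # Decrypted requests are forwarded unencrypted, so this hop relies on
        # the proxy-to-upstream network being trusted.
        proxy_pass http://app_servers;

        # Tell the upstream what the original client connection looked like.
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```

Because the certificate and protocol settings live only in this server block, a TLS configuration change is made once at the proxy instead of on every upstream server.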