On 08/10/2023 04:00, Courtney wrote:
> Ultimately, I want to serve a handful of services on 80/443 that are
> easily accessible internally and externally, and I don't want to have
> unencrypted traffic between relayd and my server for the services that
> are passing sessions and such.
Then don't terminate the connection on relayd. Use redirect instead of a relay and terminate on the web server itself.
It will also be a little faster since the router/relayd will only route/pass the packets to the appropriate backend server.
For internal traffic you have to use appropriate DNS (local IP) and maybe a different certificate.
G
No comments:
Post a Comment