SSL/TLS Termination, TLS Forward Proxy Pros and Cons

TLS Termination is a critical feature of any layer 7 proxy. Here are some Pros & Cons
🖌 Offloads Crypto from backend
🖌 Caching (eg. Varnish)
🖌 Intrusion detection system
🖌 Load Balancing and Service Mesh
🖍 Limited by the Max Conn. of the Proxy
🖍 Dangerous when compromised

thanks for not having a boring introduction in your video & getting straight to the point

Thanks, Hussein this is one of the best video on TLS termination on the web.

Really good stuff man. Very clear and straight forward

The most clear explanation I have seen.

One con I can think of right now is that special services ( e.g. downloading patch/upgrade packages) for your servers do not work well if you have a proxy in the middle from a different vendor.
Kudos for this excellent explanation!

Thank you. All of your videos are helpful. You're awesome! Please keep going!

clear explain and points about the subject. Thanks Hussein

Thank you this is actually useful.
Vs what alot of people do, which is usually just a money grift.

What measures are in place to safeguard confidential data of the end user using a connection through a proxy, such as authentication and personal data?

thanks Hussein, you have taught me a lot. I also did your courses.

for load Balancing do we really need tls termination , the header is not encrypted, only the content so i can look at the header and see what i want to see right ?

Hello Hussein thank you for the content you have been posting. Would it be possible if you can make a video on HAR captures and Fiddler with some example along with core concept.

Hi bro,is it possible to terminate ssl at zuul gateway? If not any suggestion?

Does the SSL termination happen at API Gateway i.e is proxy same as API Gateway

Hi
I am confused about the internal how reverse proxy, inbound request, and outbound request work.
I have an appliance server sitting behind Nginx reverser proxy (http2 enabled). So all the API made to the appliance server will go through the nginx. Here Nginx will do the SSL/TLS termination etc.
Till here I am able to understand and visualize what is going on for all the incoming requests to my server.
Now when the application server will make a request (outbound), can we tunnel it through Nginx?

Week done!

Good stuff!

Fantastic

A little bit confusing, I previously thought TLS forward proxy is forward proxy + Tunnel for HTTPs, the client still TCP/TLS handshakes with targert server via tunnel. What is the name of this forward proxy, or call it HTTPs forward porxy?

Hi great vid. What if you use a proxy to do ssl termination on the actual webserver, so all the data is passed internally. I know HAProxy allows you to do this

TLS Forward Proxy
is this what cloudflare does?
as cloudflare cannot decrypt data so it adds its own SSL for use between the client and cloudflare , and then uses the previous ssl certificate between cloudflare and the origin server?

Hi. Can you help me to create DLL file using Visual Studio? I have already a decompiled code from a DLL and has updated it in a txt file.

can you please cover DoS and how to handle that DoS attack?

Do some new videos CGi

The best name ever HUSSEIN i hope you understand

He hass the same name as me but he has 2 s in naser

You repeat or get stuck with the point alot. But thanks for the tutorial.