HTTPS encrypts traffic between client and server. But where does encryption end?
SSL termination at load balancer: Clients connect via HTTPS. Load balancer decrypts, then forwards plain HTTP to backend servers. Backend servers don't handle encryption.
Benefits:
- Simpler backend configuration
- One place to manage certificates
- Load balancer can inspect traffic for routing
End-to-end encryption: Re-encrypt between load balancer and backends. More secure but more complex.
Most systems terminate SSL at the load balancer. Mention end-to-end encryption for highly sensitive data (healthcare, finance).