can we install ssl only on servers and can we skip ssl on loadbalancers?
Hi @Thiruvarasu ,
No, this is not going to to work if you’re going to install SSL certificates only on the server side and then skip SSL certificates on the load balancer side.
SSL/TLS termination is needed at the load balancer to decrypt the incoming traffic (HTTPS). This is explained on this documentation. This is how the load balancer work :
- Terminate the SSL connection.
- Decrypt the traffic.
- Forward it back to the servers (backend) via an unencrypted connection.
Therefore, if you’re going to use GCP load balancers, you need to install SSL/TLS certificates on the load balancer itself to enable the SSL/TLS termination. The load balancer’s role is to be the termination point for traffic that are encrypted then back to the servers (backend) as decrypted traffic.