How does SSL Termination (SSL Offloading) work?
Updated Apr 28, 2026
Short answer
The LB decrypts incoming SSL traffic and passes it to backend servers as plain HTTP to reduce server CPU load.
Deep explanation
Mid-level load balancing involves optimization and protocol handling. SSL Offloading is a huge win for application performance. However, architects must decide between SSL Termination (decrypt at LB) and SSL Passthrough (decrypt at server) based on security requirements.
Real-world example
An e-commerce site terminating SSL at a Cloud Load Balancer to perform URL-based routing to 'Checkout' vs 'Catalog' services.
Common mistakes
- Relying on DNS Round Robin for high availability without a low TTL, leading to 15-minute outages when a server dies.
Follow-up questions
- What is SNI (Server Name Indication)?