SSL encryption is a method of securely transmitting data over the internet. This is attained using public key cryptography. When a server receives an encrypted request using the SSL protocol, it has to decrypt the request to know its contents to figure out an appropriate response, encrypt the response and send it back to the requesting client. This task of encryption-decryption is computationally expensive. This can cause consumption of a lot of CPU’s resources, thus increasing the load on the servers.
SSL offloading is a method that provides a solution to this problem. By utilizing the feature of SSL offloading in a reverse proxy server, the user’s server is relieved from the encryption-decryption duties as it receives a decrypted HTTPS, i.e., HTTP request. The reverse proxy server handles the decryption of incoming requests and encryption of outgoing responses.
Let’s consider a scenario where a number of requests encrypted using SSL protocol are sent to the user’s server(s):
In this way, the SSL offloading feature reduces the load on the user’s server(s) in the backend.
Let’s take the example of one of our customers who configured a reverse proxy server onto his machine using our product. The client had enabled the feature of SSL/TLS encryption offloading.
Consider a scenario where the customer receives a multitude of HTTPS requests to his servers in the backend referred to using the proxy links he configured. In such cases, as the task of decryption of requests is computationally expensive, it is taken care of by the reverse proxy server. The server decrypts the requests it receives and forwards them to the backend server(s) of the customer (as HTTP requests). The backend servers send an appropriate response to the forwarded request, which is, ultimately, encrypted by the reverse proxy server using public key cryptography before delivering it to the requesting client.