SSL Termination
Decrypting TLS-encrypted traffic at a load balancer or reverse proxy so backend servers receive plain HTTP. Offloads CPU-intensive crypto work and simplifies certificate management.
What is SSL Termination?
Decrypting TLS-encrypted traffic at a load balancer or reverse proxy so backend servers receive plain HTTP. Offloads CPU-intensive crypto work and simplifies certificate management.
SSL Termination is a foundational concept that sits in the Load Balancing & Proxies area of system design. Engineers reach for it whenever they need to reason about real-world trade-offs in that space — not just for textbook correctness, but because real production systems at companies like Netflix, Amazon, and Google make these decisions every day.
If you want to go deeper than this definition — with diagrams, code, and a quiz to lock it in — work through the "SSL Termination" lesson linked below. It walks through the why, the mechanism, the trade-offs, and how the giants actually use it in production.
Learn SSL Termination in depth
Full interactive lesson with diagrams, code examples, real-world references, and a quiz.
Open the SSL Termination lessonSee also
Related glossary terms you might want to look up next.
SSL/TLS
Cryptographic protocols that encrypt data in transit between client and server. TLS is the modern successor to SSL. The 'S' in HTTPS.
Reverse Proxy
A server that sits in front of your backend servers and forwards client requests to them. Handles SSL termination, caching, and load balancing.
Load Balancer
Distributes incoming traffic across multiple servers so no single server gets overwhelmed. Like a traffic cop directing cars to different lanes.