Maybe I am wrong, but I thought that relayd was not capable of doing
TLS pass through? That would be preferable if it is possible.
Courtney
On 10/9/23 00:42, Kapetanakis Giannis wrote:
On 08/10/2023 04:00, Courtney wrote:
Ultimately, I want to serve a handful of services on 80/443 that are
easily accessible internally and externally, and I don't want to have
unencrypted traffic between relayd and my server for the services that
are passing sessions and such.
Then don't terminate the connection on relayd. Use redirect instead of a relay
and terminate on the web server itself.
It will also be a little faster since the router/relayd will only route/pass
the packets to the appropriate backend server.
For internal traffic you have to use appropriate DNS (local IP) and maybe a
different certificate.
G
