Without SSL on the LAN side of a reverse proxy, I presume that all traffic between the server and the reverse proxy is unencrypted and, thus, accessible to any device on the LAN.

Which specific scenarios result in this being a concern? The primary concern that I can come up with is if you know that there are untrustworthy entities connected to the LAN (untrustworthy devices, or perhaps malicious individuals).

  • RegalPotoo@lemmy.world
    link
    fedilink
    English
    arrow-up
    8
    ·
    10 months ago

    The MITM risk is pretty minimal, but operationally it makes life a ton easier if everything has valid SSL certs