On 08/10/2023 04:00, Courtney wrote: > Ultimately, I want to serve a handful of services on 80/443 that are > easily accessible internally and externally, and I don't want to have > unencrypted traffic between relayd and my server for the services that > are passing sessions and such.
Then don't terminate the connection on relayd. Use redirect instead of a relay and terminate on the web server itself. It will also be a little faster since the router/relayd will only route/pass the packets to the appropriate backend server. For internal traffic you have to use appropriate DNS (local IP) and maybe a different certificate. G
