MicrosoftDocs / azure-docs

Open source documentation of Microsoft Azure
https://docs.microsoft.com/azure
Creative Commons Attribution 4.0 International

In transit encryption for App Services. #114769

Closed swellhunter closed 1 year ago

swellhunter commented 1 year ago

It seems that there is no option for in-transit encryption post TLS offload? A statement to this effect is very hard to find. Whilst it is not necessarily important, many of our roles require us to answer surveys that require a definitive answer on in-transit encryption. So after the ILB everything is clear?



Naveenommi-MSFT commented 1 year ago

@swellhunter Thanks for your feedback! We will investigate and update as appropriate.

AjayBathini-MSFT commented 1 year ago

@swellhunter You are correct that the article you mentioned does not explicitly mention in-transit encryption post TLS offload. However, it is important to note that once the traffic is decrypted at the load balancer, it is no longer encrypted in transit.

In Azure, you can use the Application Gateway or the Azure Load Balancer with SSL/TLS offload to terminate SSL/TLS traffic at the load balancer. After the traffic is decrypted, it is forwarded to the backend servers over the internal network, which is considered secure.

If you require end-to-end encryption, you can use IPsec or Azure ExpressRoute to encrypt traffic between your on-premises network and Azure.

I hope this helps. Let me know if you have any further questions.