SSL Offloading

The practice of decrypting incoming TLS traffic at a dedicated load balancer, ADC (Application Delivery Controller), or hardware appliance so that backend application servers receive and process only plaintext HTTP traffic. SSL offloading reduces CPU utilisation on application servers, which typically lack hardware crypto acceleration, and allows the load balancer to inspect HTTP content for routing, logging, and security decisions. The backend-to-LB network segment is typically trusted and kept on a private VLAN; re-encryption of traffic from LB to backend (TLS passthrough or backend TLS) can be added for end-to-end encryption in high-security environments.