v1.8.91-d84675c
← Back to Glossary

SSL Termination

Infrastructure

Definition

SSL termination is the process of decrypting incoming encrypted traffic at the proxy or load balancer before forwarding it to backend servers, offloading cryptographic work to edge infrastructure.

What is SSL Termination?

SSL termination (or TLS termination) is the process of decrypting incoming encrypted traffic at the proxy or load balancer before forwarding it to backend servers in plaintext. This offloads the computationally expensive encryption and decryption work from backend servers to specialized edge infrastructure.

Decryption at the Edge, Plaintext Internally

The proxy or load balancer holds the SSL/TLS certificate and private key. When a client initiates an HTTPS connection, the TLS handshake occurs between the client and the termination point. The encrypted traffic is decrypted at this edge, allowing inspection, caching, and modification if needed. The decrypted request is then forwarded to the backend server over a private internal connection, either in plaintext or re-encrypted with a less expensive internal certificate. Response traffic follows the reverse path.

Within Hex Proxies infrastructure, SSL termination happens at the edge of the gateway layer. Your encrypted connection to gate.hexproxies.com:8080 is terminated at the edge, allowing the internal routing system to inspect headers for authentication and targeting parameters before forwarding your request to the appropriate backend proxy node.

Performance Benefits of Edge Termination

SSL termination optimizes proxy infrastructure performance by centralizing the CPU-intensive cryptographic operations. It also enables features like HTTP inspection, content caching, and request routing that require access to the decrypted traffic. Hex Proxies infrastructure uses hardware-accelerated SSL termination to minimize latency while maintaining enterprise-grade security at the edge.

Related Terms

Reverse Proxy

A reverse proxy sits in front of backend servers and intercepts incoming client requests, distributing traffic, enhancing security, and optimizing performance for the backend infrastructure.

TLS Handshake

A TLS handshake is the process by which a client and server establish an encrypted connection, negotiating protocol version, cipher suite, and exchanging cryptographic keys.

HTTPS Proxy

An HTTPS proxy handles encrypted web traffic by supporting the CONNECT method, establishing a secure tunnel between client and target while maintaining end-to-end encryption.

Put Your Knowledge Into Practice

Explore proxy plans optimized for your workflow.

Create AccountView Pricing

Related Resources

Residential Proxies

High-quality residential proxies with rotating IPs from 100+ countries. Perfect for web scraping, data collection, and market research.

ISP Proxies

Ultra-fast ISP proxies with static IPs and unlimited bandwidth. Optimized for sneaker sites, social media, and high-speed tasks.

Rotating Proxies

Automatic IP rotation with every request or on a timed interval. Built for large-scale scraping and data collection.

Static Proxies

Dedicated static IPs that remain yours. ISP-grade trust with datacenter speed for account management and consistent identity.

Cookie Preferences

We use cookies to ensure the best experience. You can customize your preferences below. Learn more