Comment on Cloudflare Tunnel?
3abas@lemmy.world 1 day agoYou can (and I do) terminate TLS locally and have your data encrypted through the tunnel. Use Traefik/Caddy for easy automated certs with containers or whatever flow you prefer to automate acme certs provisioning locally. You’ll have to configure your tunnel to hit a local DNS so it can route the domain to your local IP instead of the public records on the tunnel.
hendrik@palaver.p3x.de 1 day ago
I’m fairly sure what you mean is, traffic is decrypted in the middle and the re-encrypted before it gets sent your way. Otherwise they couldn’t do proxying or threat detection/mitigation for you.
3abas@lemmy.world 1 day ago
You’re right, sorry, that was a heavy brain fart. The data needs to be decrypted on cloudflare’s end before being proxied and send to your services.