Hacker News new | past | comments | ask | show | jobs | submit login

People who run the origin servers often use a CDN to do TLS termination because they are too incompetent to do it themselves. Not having to enable TLS is a major value-add for certain types and you'll see this advertised prominently by every CDN



There is another value add - being able to use self-signed certs and therefore not have to worry about renewals. Last I checked (~12 months ago), there still isn't a good story for doing automated SSL renewals if your application is completely containerized.


Terminating TLS for an HTTP app running on localhost is trivial. Something like this:

echo "example.com \n reverse_proxy localhost:8000" > Caddyfile; docker run caddy --net host -v $PWD:/config caddy run

It's slightly more complicated if you need redundancy, but not by much.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: