There are 3 TLS termination types to select from when you are creating a route in OpenShift.
These TLS termination types define which part of the communication, from the client up to the backing pods behind a service, is encrypted when you create an ingress point using a route. The route in the end creates a DNS entry and enables external clients to reach the pods using a URL. This communication goes through the router(s), which provide L7 load balancing. The types are:
– EDGE: Traffic between the browser and the router is encrypted with TLS. On the back side, between the router and the pods, it is unencrypted HTTP traffic.
– PASSTHROUGH: All the traffic from the browser to the pods/applications will be encrypted. Here, your applications have to be able to handle SSL/TLS communication.
– REENCRYPT: In this case, there are 2 separate TLS connections: one between the browser and the router, and another between the router and the pods.
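The three termination types written as Route manifests, as an added example that is not from the original post. The route names, hostnames, the Service name `web` and the ports are assumptions, and the CA certificate is a placeholder.

```yaml
# Constructed example: names, hosts and ports are placeholders.
apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: web-edge
spec:
  host: web-edge.apps.example.com
  to:
    kind: Service
    name: web
  port:
    targetPort: 8080            # plain HTTP port on the pod
  tls:
    termination: edge           # TLS ends at the router; router -> pod is HTTP
    insecureEdgeTerminationPolicy: Redirect   # send http:// clients to https://
---
apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: web-passthrough
spec:
  host: web-passthrough.apps.example.com
  to:
    kind: Service
    name: web
  port:
    targetPort: 8443            # the pod must serve TLS itself
  tls:
    termination: passthrough    # router forwards the encrypted stream untouched
---
apiVersion: route.openshift.io/v1
kind: Route
metadata:
  name: web-reencrypt
spec:
  host: web-reencrypt.apps.example.com
  to:
    kind: Service
    name: web
  port:
    targetPort: 8443            # second TLS connection ends at the pod
  tls:
    termination: reencrypt      # router decrypts, then opens a new TLS session
    destinationCACertificate: |
      -----BEGIN CERTIFICATE-----
      <PLACEHOLDER: CA that signed the pod's serving certificate>
      -----END CERTIFICATE-----
```

With edge termination, anything that can observe traffic between the router and the pods sees cleartext HTTP, so passthrough or reencrypt is the choice when that hop must also be encrypted.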
Now, I think the best way to describe the differences is to use drawings. So here you go. Check out the drawings below to get a better understanding of TLS Termination types.
Hope this helps.