SSL Termination Best Practices

SSL/TLS termination at the load balancer decrypts incoming HTTPS traffic so that backend servers receive plain HTTP. This centralises certificate management, offloads CPU-intensive cryptographic operations from your application servers, and gives the load balancer visibility into HTTP traffic for intelligent routing decisions. This guide covers the key decisions and configurations for optimising SSL termination on Tula.

SSL Termination vs SSL Passthrough

The first decision is whether to terminate SSL at the load balancer or pass it through to the backends.

SSL Termination (recommended for most deployments): Decrypts TLS at the load balancer and forwards plain HTTP to backends. Enables L7 features (content routing, header inspection, cookie persistence) and centralises certificate management.

SSL Passthrough: Forwards encrypted traffic directly to backends. Required when compliance mandates end-to-end encryption. Limits the load balancer to L4 operation.

SSL Re-encryption: Terminates client-facing SSL, inspects/routes traffic at L7, then re-encrypts to the backend. Provides both L7 functionality and encrypted backend communication at higher CPU cost.

Configure these modes when creating an L7 VIP under Load Balancing > Virtual IPs.

Cipher Suite Configuration

Tula ships with secure defaults aligned with Mozilla's TLS configuration recommendations:

• Modern -- TLS 1.3 only. Maximum security for current browsers and modern clients.
• Intermediate -- TLS 1.2 and 1.3. Broad compatibility with strong security. Recommended for most deployments.

To configure: navigate to System > SSL Settings, select the TLS profile, set the Minimum TLS Version (TLS 1.2 minimum for production), and click Save.

HSTS (HTTP Strict Transport Security)

HSTS instructs browsers to always connect via HTTPS, preventing protocol downgrade attacks and insecure redirects.

1. Navigate to the L7 VIP configuration.
2. Enable HSTS and configure:
   • max-age: At least 31536000 (one year). Start with a shorter duration during testing.
   • includeSubDomains: Enable if all subdomains also serve HTTPS.
   • preload: Enable only after thorough testing. Once submitted to the browser preload list, removal is difficult and slow.
3. Click Save.

OCSP Stapling

OCSP stapling allows the load balancer to provide certificate revocation status directly to clients, eliminating the need for clients to contact the certificate authority's OCSP responder. This improves TLS handshake performance and client privacy.

1. Navigate to System > SSL Settings.
2. Enable OCSP Stapling.
3. Tula will periodically fetch OCSP responses from the CA and staple them to TLS handshakes automatically.

Certificate Chain Ordering

A correctly ordered certificate chain is essential for compatibility across all clients. The chain must be assembled in the following order:

1. Server certificate (your domain certificate)
2. Intermediate certificate(s) (issued by the CA)
3. Root certificate (optional -- most clients already have it, and including it adds unnecessary bytes)

When uploading certificates in System > SSL Certificates, Tula validates the chain order and warns if it detects issues. Always test with openssl s_client after deployment:

openssl s_client -connect <vip-address>:443 -servername example.com < /dev/null 2>&1 | openssl x509 -noout -subject -issuer

Let's Encrypt Automation

Tula includes built-in Let's Encrypt support for automated certificate issuance and renewal.

1. Navigate to System > SSL Certificates and click Add Certificate.
2. Select Let's Encrypt as the certificate source.
3. Enter the domain name(s) for the certificate.
4. Select the validation method:
   • HTTP-01: Tula automatically serves the challenge response on port 80. Requires that port 80 is reachable from the internet.
   • DNS-01: Requires creating a DNS TXT record. Supports wildcard certificates.
5. Click Issue. Tula will handle the ACME challenge, obtain the certificate, and install it automatically.
6. Renewal happens automatically 30 days before expiry. Monitor the certificate status under System > SSL Certificates to confirm renewals are succeeding.

Monitoring Certificate Expiry

Even with automation, monitoring certificate expiry is a critical safety net.

• Dashboard alerts: Tula displays warnings on the dashboard when any certificate is within 30 days of expiry.
• SNMP: Certificate expiry is exposed via SNMP traps and polled OIDs. Configure your monitoring system to alert on certificates nearing expiry.
• Manual check: Navigate to System > SSL Certificates to view all installed certificates with their expiry dates.

Performance Tuning

TLS Session Resumption: Enabled by default in Tula. Returning clients resume previous sessions without a full handshake, reducing latency.

TLS 1.3: Reduces the handshake from two round trips to one (zero for resumed sessions). Prefer TLS 1.3 where client compatibility allows.

ECDSA Certificates: Equivalent security to RSA at smaller key sizes, resulting in faster handshakes. Select ECDSA as the key type when issuing Let's Encrypt certificates.

Hardware sizing: SSL termination is CPU-intensive. Monitor utilisation under load -- a modern multi-core system handles tens of thousands of TLS 1.3 handshakes per second.