You are not logged in.
Hi,
Let's say I setup a reverse proxy on a VPS provider, the proxy presents client with its certificate, and connects to upstream server that has its own certificate. What are some of the security risks during this bump?
Presumably the proxy needs to decrypt and re-encrypt traffic for the 2 certificates, and during this time things like user passwords are somewhere in proxy's memory un-encrypted.
Any ideas on configuration to avoid this and achieve end-to-end encryption?
As a bit of background, the reason I have a proxy is at my trusted location I'm unable to server on port 443, just some esoteric port. I wouldn't mind getting a VPS to act as a proxy and serve on standard port. But, don't like the idea of my passwords flowing through it un-encrypted.
Thanks for the input.
Offline