How to Make Istio SSL Offloading Work with Nginx

In many corporate system infrastructures, it’s very important for the information to be encrypted end-to-end, to be protected from potential vulnerabilities. We’ve learned from our experience that creating a fully secure setup is essential. The main part of the diagram that we will focus on today will be the traffic going from the Nginx proxy to Istio’s HTTPS port. Keep in mind that, even if it’s not compulsory to have a full HTTPS connection between Nginx and Istio, there are applications that won’t work if you don’t use SSL offloading in front (Keycloak, for example).