| ▲ | XorNot 5 hours ago | |||||||
The solution to this is TLS SNI redirecting. You can front a TLS server on port 443 and then redirect without decrypting the connection based on the SNI name to your final destination host. | ||||||||
| ▲ | miladyincontrol 3 hours ago | parent | next [-] | |||||||
Im not saying its the solution I would implement but caddy's L4 module does let you do this, essentially using TLS as a tunnel and openssl in the proxy command to terminate it client side. | ||||||||
| ▲ | J-Kuhn 5 hours ago | parent | prev [-] | |||||||
But... this doesn't work for SSH, which is the problem here? | ||||||||
| ||||||||