Suppose there are three machines: a client, a load balancer and a Service machine, and the Service is invoked by the load balancer.
Suppose we want to secure the communication between the client and the Service via the load balancer. Some people tell me to use one of the following two modes:
Transport security mode (SSL, HTTPS): two SSL connections are made, one between the client and the load balancer and one between the load balancer and the Service. The load balancer must decrypt and understand the message before dispatching it to the Service, so it is unsecured because the load balancer can "see" the content of the messages.
Message security mode: the message is passed to the load balancer, and the load balancer keeps the message encrypted and just forwards it to the Service, so it is secured because the load balancer cannot "see" the content of the messages.
So, my puzzle is: if we use transport security mode,
why can't we establish one SSL connection between the client and the Service directly instead of creating two SSL connections, so that the role of the load balancer is just to forward the encrypted messages to the Service, just as it does in the message security mode?
If that is true, we can ensure security between the client and the Service by using SSL, because the load balancer cannot "see" the content of the encrypted messages.
Is it true?
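The forward-only role asked about above is commonly called TLS passthrough. As an added example (not part of the original post), this Python sketch shows what such a load balancer can still read without holding any key: the server name (SNI) in the client's unencrypted ClientHello, which is enough to pick a backend. The host name, backend address and function names are assumptions made for the illustration.

```python
import ssl

# Hypothetical backend pool, keyed by the host name the client asks for.
BACKENDS = {"service.example.internal": ("10.0.0.11", 8443)}

def make_client_hello(hostname):
    """Constructed sample input: the first bytes a TLS client puts on the wire."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=hostname)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: the client is now waiting for the ServerHello
    return outgoing.read()

def sni_from_client_hello(data):
    """Return the SNI host name from a raw ClientHello record, else None."""
    try:
        if data[0] != 0x16 or data[5] != 0x01:
            return None  # not a handshake record carrying a ClientHello
        pos = 5 + 4 + 2 + 32  # record header, handshake header, version, random
        pos += 1 + data[pos]  # session_id
        pos += 2 + int.from_bytes(data[pos:pos + 2], "big")  # cipher_suites
        pos += 1 + data[pos]  # compression_methods
        end = pos + 2 + int.from_bytes(data[pos:pos + 2], "big")
        pos += 2
        while pos + 4 <= min(end, len(data)):
            ext_type = int.from_bytes(data[pos:pos + 2], "big")
            ext_len = int.from_bytes(data[pos + 2:pos + 4], "big")
            if ext_type == 0:  # server_name: list_len(2) type(1) name_len(2) name
                name_len = int.from_bytes(data[pos + 7:pos + 9], "big")
                return data[pos + 9:pos + 9 + name_len].decode("ascii")
            pos += 4 + ext_len
    except (IndexError, UnicodeDecodeError):
        pass  # truncated or malformed input
    return None

def pick_backend(first_bytes):
    """Routing decision of a passthrough balancer: metadata only, no decryption."""
    return BACKENDS.get(sni_from_client_hello(first_bytes))

if __name__ == "__main__":
    hello = make_client_hello("service.example.internal")
    print(sni_from_client_hello(hello), "->", pick_backend(hello))
```

Everything after the handshake is encrypted under keys negotiated between the client and the Service, so a balancer in this role cannot route on URLs, headers or message bodies.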