Hi chappy,

If you apply an SSL certificate to a load balancer, it is still recommended to apply an SSL certificate to the FEs as well. The SSL certificate on the load balancer only secures the communication between the client (browser) and the load balancer, but it does not provide end-to-end SSL encryption between the client and the application servers.

Therefore, it is a security best practice to configure end-to-end SSL encryption. Even though the traffic is handled by the load balancer, applying SSL certificates to the FEs helps to ensure the integrity and confidentiality of the data that is transmitted between the client and the FEs.

Additionally, the SSL certificate on the FE is used to secure the communication between the FEs in a multi node scenario, and also between the FEs and other external systems, such as databases or third-party APIs.

Therefore, it is advisable to follow the installation checklist and apply SSL certificates to both the load balancer and front-end servers to ensure the security of your OutSystems application.

If you were still to choose not to install SSL certificates on the FEs, it is possible to have such a setup using a reverse proxy in an SSL Offload scenario described in this article.

IMPORTANT: Keep in mind it does require direct manipulation of OutSystems system database tables. You should not manipulate these tables in any other form not described in the article or indicated by OutSystems official support. Unexpected changes in these tables may result in service disruption.

Hope this helps!

Best regards,

Nordin Ahdi