What TLS termination modes does OpenShift Route support?


Multiple Choice

What TLS termination modes does OpenShift Route support?

Explanation:

TLS termination in OpenShift Route can occur in three modes: edge, passthrough, and reencrypt. Each mode defines where the TLS handshake ends and how encryption is handled between the router and the backend service.

In edge termination, the TLS connection from the client ends at the router. The router decrypts the traffic and forwards it to the backend, typically as plain HTTP. This is simple to manage because TLS certificates are only required at the router, but the router does not encrypt the connection to the backend, so the traffic is not encrypted end to end.

In passthrough termination, the TLS connection from the client is passed through the router to the backend service without the router decrypting it. The backend handles the TLS termination, so end-to-end encryption is preserved all the way to the service. This is useful when the backend needs to manage its own certificates and TLS configuration.

In reencrypt termination, the TLS connection from the client ends at the router and is then re-encrypted to the backend. The router terminates the client TLS and opens a new TLS connection to the backend, which uses a separate certificate of its own. Traffic is therefore encrypted on both the client-to-router and router-to-backend legs, offering stronger security controls.

Because OpenShift Route supports all three termination modes, the best answer includes edge, passthrough, and reencrypt.
