security, http, pass-through

HTTP Server data unencrypted during pass through


I need to solve an issue where the HTTP post data is unencrypted in memory for a few seconds before proxying it onto the next server. Let me explain.

In a browser a user enters form data. Sensitive form data.

The browser has an SSL connection to the HTTP server. The HTTP server has an SSL connection to the back end server. My understanding is that the SSL connection terminates between each server. Therefore the HTTP POST contents are decrypted when they get to the HTTP server. The HTTP server, or better defined, the transport layer, then re-encrypts the data before sending it to the end server.

The issue here, which our customer has asked us to solve, is to prevent the clear form data from existing in between receiving the data and sending the data to the back end server. It is a little pedantic, but it's not my requirement. I'm just trying to solve it.

Many thanks.


Solution

  • The data isn't unencrypted if it is being proxied; it is still being encrypted to the endpoint (end server). Or maybe I am misunderstanding you.
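
Whether cleartext ever exists on the middle server depends on whether it terminates TLS (the setup the question describes) or relays the TCP stream untouched. The sketch below is an added example, not code from the original post: a layer-4 passthrough relay that holds no TLS context, so the only bytes in its memory are the TLS records themselves. The function names and the sample record are constructed for illustration.

```python
import socket
import threading

def pipe(src, dst, seen):
    """Copy bytes src -> dst unchanged, logging every chunk that crosses the relay."""
    try:
        while chunk := src.recv(4096):
            seen.append(chunk)
            dst.sendall(chunk)
    except OSError:
        pass
    finally:
        try:
            dst.shutdown(socket.SHUT_WR)   # propagate end-of-stream
        except OSError:
            pass

def relay_once(listener, backend_addr, seen):
    """Layer-4 passthrough: splice one client to the backend, no TLS context here."""
    client, _ = listener.accept()
    upstream = socket.create_connection(backend_addr)
    back = threading.Thread(target=pipe, args=(upstream, client, []))
    back.start()
    pipe(client, upstream, seen)
    back.join()
    client.close()
    upstream.close()

def backend_once(listener, received):
    """Stand-in for the end server: collect whatever bytes arrive."""
    conn, _ = listener.accept()
    with conn:
        while chunk := conn.recv(4096):
            received.append(chunk)

def demo():
    # Constructed sample: TLS application-data record header (type 0x17, version
    # 0x0303, length 16) plus 16 opaque bytes standing in for ciphertext.
    record = bytes([0x17, 0x03, 0x03, 0x00, 0x10]) + bytes(range(16))
    seen, received = [], []
    be, px = socket.create_server(("127.0.0.1", 0)), socket.create_server(("127.0.0.1", 0))
    threads = [threading.Thread(target=backend_once, args=(be, received)),
               threading.Thread(target=relay_once, args=(px, be.getsockname(), seen))]
    for t in threads:
        t.start()
    with socket.create_connection(px.getsockname()) as c:
        c.sendall(record)
        c.shutdown(socket.SHUT_WR)
        c.recv(1)                          # wait for the relay to finish
    for t in threads:
        t.join()
    be.close(); px.close()
    return record, b"".join(seen), b"".join(received)
```

With this arrangement the TLS session runs from the browser to the back end server, so the relay cannot read or modify the HTTP request; a server that must inspect or route on HTTP content has to terminate TLS and will hold the decrypted data.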