You can use the NSX load balancer configuration scenarios to get an understanding of the required end-to-end workflow. Configure a One-Armed Load BalancerThe Edge Services Gateway (ESG) can be thought of as a proxy for the incoming client traffic. Scenario: Configure NSX Load Balancer for Platform Service ControllerPlatform Services Controller (PSC) provides infrastructure security functions, such as vCenter Single Sign-On, licensing, certificate management, and server reservation. Scenario: SSL OffloadingThis scenario uses an HTTPS offloading (SSL offloading) application profile type. Edge ends client HTTPS (SSL sessions). Edge load balances the clients on HTTP to the servers. L7 application rules can be applied. Scenario: Import SSL CertificateThis scenario uses an HTTPS end-to-end (SSL end-to-end) application profile type. The NSX Edge closes client HTTPS (SSL sessions). Edge load balances the client on a new HTTPS connection to the servers. L7 application rules can be applied. Scenario: SSL PassthroughThis scenario uses an SSL passthrough application profile type. Edge does not close client HTTPS (SSL sessions). Edge load balances TCP sessions to the servers. Client SSL sessions are closed on the servers (not the edge). L7 application rules cannot be applied. Scenario: SSL Client and Server AuthenticationThis scenario uses an HTTPS end-to-end application profile type with SSL client and server authentication. Parent topic: Logical Load Balancer