Hi @ctgraham,
no I haven’t considered using SSL from the reverse-proxy to the backend. It may solve this problem but it adds more and unnecessary complexity. Unnecessary because the “last mile” is on a private network using addresses that are unrouteable in the Internet and that goes through network switches that heavily use VLANs to keep things separate. So only servers from Admins I trust in are in the “vicinity” of my servers. Apart from that: those switches will raise a great hue and cry if someone tries to do something nasty (e.g. ARP spoofing) inside that private network.
I am sorry but I do not understand what you mean with
What can I do to help?
Greetings
Hermann