You’ll most likely want something in front of varnish to terminate TLS/SSL. A CDN can offer this, but for e-commerce it’s best to terminate on the local network of the server. A reverse-proxy that terminates SSL and proxies the HTTP request to varnish is the usual solution. Traefik is a great choice, and can even generate that cert with Let’s Encrypt. You can also wire this up directly with NGNIX, or indirectly with Kubernetes with an Ingress Controller. If you’re doing this yourself, consider Terraform and a cloud K8S provider so you can properly scale and reproduce your setup.

Doug Hatcher

Magento Meet NY 2025

Getting Started with Adobe Commerce Storefront