I am using an AWS application load balancer as a TLS-terminating reverse proxy in front of my HTTP services. In case of simple requests and responses the web client doesn't know that it is actually talking to the load balancer instead of the service. Also, vice versa, the HTTP service doesn't know that the HTTP requests come from the load balancer instead of a client.
But now, I have to add another service (Keycloak) that uses redirects. Without further configuration this leads to the exposition of HTTP URLs that are only valid behind the load balancer to the client. Luckily, you can configure Keycload to work behind a TLS-terminating reverse proxy.
However, this leaves me wondering: Can a TLS-terminating reverse proxy be transparent to a server that uses redirects? In other words: Does a server, that uses redirects, have to know about a reverse proxy so that it can adjust the redirects or is it possible to configure the reverse proxy so that this is not necessary?