We have one server serving Django content using mod_wsgi and one server in our DMZ reverse proxying all users. The only way to get to the content is via the reverse proxy and we want some content to be secure and some not to be.
Is the best way to set it up having SSL on both servers, or is that a waste? Should I move all the encryption work to the reverse proxy and save the Django server to just serve pages/content/etc?