Does Vault (or basically any other system) require TLS when it only connects to a host on the LAN? [duplicate]

Çağlar Arlı

I'm trying to understand where TLS is required. I've heard that TLS encrypts data when a client communicates with a server through HTTP by verifying the server and passing encryption keys. This protection is done through a TLS certificate signed by a CA (Certificate Authority). I can imagine a hacker trying to claim who they are while communicating through the web.

But will this apply to a LAN system? For example, in HashiCorp's Vault, they mentioned: "End-to-End TLS. Vault should always be used with TLS in production." If system A (say Vault) tries to communicate with system B (say Backend Service) connected through a LAN, how can the systems be verified through a CA? (Or perhaps the question should be, does it need one?)

The image below helps illustrate the question I'm facing.

Reference:

https://www.cloudflare.com/learning/ssl/what-is-ssl/

What's the point of certificates in SSL/TLS?

https://developer.hashicorp.com/vault/tutorials/operations/production-hardening