Sure. The point is, don't bother letting the apps themselves do TLS termination. Too much work that's better handled by something else.
hedora
Also, moving termination off the endpoint server makes it much easier for three letter agencies to intercept + log.
qmarchi
Most responsible orgs do TLS termination on the public side of a connection, but will still make a backend connection protected by TLS, just with a internal CA.