No, you do not need HTTPS configuration on your backend when you configure TLS termination on Application Gateway; the TLS session ends at the application gateway itself, and it forwards the traffic to the backend over unencrypted HTTP (port 80).

This is a fully supported and secure pattern — especially useful when integrating with Azure Firewall or when the backend only supports HTTP.

• The backend doesn’t need to handle HTTPS — it just receives the request like a normal HTTP server.

Reference: Azure Application Gateway TLS termination tutorial (official)

What is TLS termination?