Examples of the present disclosure describe systems and methods for configuring and executing per-service TLS settings in a forward proxy. In examples, a proxy device receives a connection request from a client device to access a service. The proxy device identifies service connection information included in the connection request and selects a connection scheme for connecting to the service. The service connection information is compared to a static mapping of connection data in the connection scheme. If the service connection information matches the static mapping of connection data, a TLS type is determined for the connection request. If the service connection information does not match the static mapping of connection information, the service connection information is compared to a dynamic mapping of session information. Based on the comparison of the service connection information to the dynamic mapping of session information, a TLS type is determined for the connection request.