hitch is a network proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend. It's designed to handle 10s of thousands of connections efficiently on multicore machines.
See the web page for more information.
from https://github.com/varnish/hitch
https://github.com/varnish/hitch/blob/master/docs/installation.md
https://github.com/varnish/hitch/blob/master/docs/configuration.md
http://ingvar.blog.redpill-linpro.com/2015/06/26/hitch-1-0-0-beta3-for-fedora-and-epel/
https://github.com/varnish/hitch/blob/master/docs/installation.md
https://github.com/varnish/hitch/blob/master/docs/configuration.md
http://ingvar.blog.redpill-linpro.com/2015/06/26/hitch-1-0-0-beta3-for-fedora-and-epel/
--------------
Hitch - scalable TLS proxy
Hitch is a libev-based high performance SSL/TLS proxy by Varnish Software.
Features
- Support for TLS1.0, TLS1.1 and TLS1.2
- SNI, with and without wildcard certificates
- OCSP stapling support
- Support for HAproxy's PROXY protocol
- Safe for large installations: performant up to 15 000 listening sockets and 500 000 certificates.
- Support for seamless run-time configuration reloads of certificates and listen endpoints.
Hitch is open-source software licensed under 2-clause BSD license. It is tested on Linux, but should work on other *nixes as well.
Resources
Related links
- Varnish Cache project
- Varnish Software AS
- PROXY protocol specification
- SSL terminating benchmark (2011)
- Benchmarking SSL Performance (HAProxy.com, 2011)
from http://hitch-tls.org/
Hitch 是一个基于 libev 开发的高性能 SSL/TLS 代理,由 Varnish 软件公司开发。
主要特性:
支持 TLS 1.0, TLS 1.1 和 TLS 1.2
SNI, 支持泛域名证书和非泛域名证书
支持 HAproxy 的 PROXY 协议
大规模安全支持,高达 15000 个侦听套接字和 50 万证书
支持运行时配置重载
