Hitch - scalable TLS proxy

Hitch is a libev-based high performance SSL/TLS proxy by Varnish Software.


2016-09-23: Hitch 1.4.1 released. New configuration setting for specifying SSL/TLS protocol. See details and changelog.

2016-09-12: Hitch 1.4.0 released. Minor fixes since 1.4.0-beta1. Add support for ECC certificates (changelog).

2016-08-26: Hitch 1.4.0-beta1 released. Support for ALPN and NPN. This lets you use Hitch for terminating TLS in front of an HTTP/2 capable backend (changelog).

2016-08-16: Hitch 1.3.1 released. A simple mistake in the autotools configuration led to packages shipped without man pages (changelog).

2016-08-16: Hitch 1.3.0 is out. Fully automated retrieval and refreshes of OCSP responses. Only minor changes since beta3, see (changelog)

2016-08-03: Hitch 1.3.0-beta3 is out. Fully automated retrieval and refreshes of OCSP responses. See (changelog)

2016-05-31: Hitch 1.3.0-beta2 is out. Various smaller fixes since beta1. See (changelog)

2016-05-11: Hitch 1.3.0-beta1 is out. Introduces support for OCSP stapling. (changelog)

2016-04-20: Hitch 1.2.0 is out. Contains a few minor fixes since 1.2.0-beta1. (changelog)

2016-02-25: Hitch 1.2.0-beta1 is out. New configuration options, most notably setting of ciphers per certificate. Please test!

2016-01-26: Hitch 1.1.1 has been released. This is a maintenance release with various bug fixes. (changelog)

2015-11-20: Hitch 1.1.0 has been released. This version includes support for run-time reload of certificates and listening sockets. (details)

2015-11-19: Hitch is now packaged in Fedora/EPEL, Debian and FreeBSD ports. See the wiki for links.


Hitch is open-source software licensed under 2-clause BSD license. It is tested on Linux, but should work on other *nixes as well.

Latest releases

Stable: hitch-1.4.1.tar.gz

Older releases can be found in the source/ folder.


Related links