Hitch is a libev-based high performance SSL/TLS proxy, used for terminating HTTPS traffic in front of origin servers.

Hitch features:

* ALPN/NPN for HTTP/2 * Support for TLS1.2 and TLS1.3 and legacy TLS 1.0/1.1 * SNI, with and without wildcard certificates * Automatic OCSP stapling support * Client certificate authentication * PROXY protocol to signal client IP/port to backend * Supports UNIX domain socket connections to origin * Safe for large installations: performant up to 15 000 listening sockets and 500 000 certificates * Support for seamless run-time configuration reloads of certificates and listen endpoints