We get a lot of questions about TLS and Varnish, and we’ve long been touting our TLS proxy, Hitch, as the best way to terminate TLS in front of Varnish. Hitch is a lightweight, high-performance TLS proxy that is entirely dedicated to TLS termination. This makes Hitch a tiny and performant tool that can be used anywhere, including in front of Varnish. One of its main features is the PROXY protocol, which is capable of capturing and transporting information about the original connection, regardless of the number of proxies it passes through.
As you might know, the latest Varnish Enterprise release (6.0.6r2) adds support for in-process, or native, TLS. What does this mean, though, and why add this feature, why now?
We’re delighted to reveal that a new version of Varnish Enterprise 6 is now available! The latest iteration of our powerful caching technology, Varnish Enterprise 6.0.6r2 will contain a variety of updates, refinements, fixes and optimizations, but also some exciting new features.
Let’s start with something truly game changing...