Configuring Hitch to terminate SSL requests

Start with an example configuration that's bundled with Hitch distribution. Rename hitch.conf.ex to hitch.conf.

Since Hitch is a fork of Stud, the configuration values are mostly the same. Refer to my earlier blog post on Configuring Stud to know which values to configure.

Get an init.d script for Hitch with the following:

#!/bin/sh
#
# hitch - this script starts and stops the hitch daemon
#
# chkconfig: - 85 15
# description: hitch is Scalable TLS Unwrapping Demon
# processname: hitch
# Source function library.
. /etc/rc.d/init.d/functions
# Source networking configuration.
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
hitch=/opt/hitch/sbin/hitch
prog=$(basename $hitch)
STUD_CONF_FILE="/opt/hitch/hitch.conf"
[ -f /etc/sysconfig/hitch ] && . /etc/sysconfig/hitch
lockfile=/opt/hitch/var/run/hitch
start() {
[ -x $hitch ] || exit 5
[ -f $STUD_CONF_FILE ] || exit 6
echo -n $"Starting $prog: "
daemon $hitch --quiet --config=$STUD_CONF_FILE
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc $prog -QUIT
retval=$?
echo
[ $retval -eq 0 ] && rm -f $lockfile
return $retval
}
restart() {
configtest || return $?
stop
sleep 1
start
}
reload() {
configtest || return $?
echo -n $"Reloading $prog: "
killproc $hitch -HUP
RETVAL=$?
echo
}
force_reload() {
restart
}
configtest() {
$hitch -t --config=$STUD_CONF_FILE
}
rh_status() {
status $prog
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart|configtest)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload|configtest}"
exit 2
esac
view raw hitch hosted with ❤ by GitHub

Test your configuration with

/opt/hitch/sbin/hitch --config=/opt/hitch/hitch.conf

To get the certificate configured, please follow Installing and configuring Stud to serve SSL requests.

Once you are able to access the server, we can enable the init.d script via chkconfig script.

chmod ugo+x /etc/init.d/hitch  
chkconfig hitch --add  
chkconfig hitch --level 235 on