Establishing encrypted internet connections often requires routing traffic through secure TLS/SSL tunnels. While HTTP Custom is widely used with UDP configs, it natively supports **SSL connection types**. By generating private credentials on standard portals like **SSH Max** and configuring custom SNI settings inside **HTTP Custom**, you can build a secure SSL tunnel for fast web browsing.

This technical guide explains how to generate an SSL server profile on SSH Max, configure SSL settings in HTTP Custom, and inject custom SNI domains.

Table of Contents

• Video Tutorial
• Step 1: Generating an SSL Server on SSH Max
• Step 2: Configuring HTTP Custom for SSL
• Step 3: Configuring custom SNI Host Headers
• Step 4: Establishing the SSL Tunnel Connection
• Frequently Asked Questions & Troubleshooting

Video Tutorial

Step 1: Generating an SSL Server on SSH Max

To generate the secure SSL server credentials:

1. Open your web browser and go to the official **SSH Max** website (sshmax.com).
2. Tap the menu button at the top header and select **Services**.
3. Tap **SSL Servers** from the submenu options.
4. Select your preferred server location (e.g. Asia or Europe) and tap select server.
5. Enter your desired username and password, complete the reCAPTCHA challenge, and click **Create**.
6. Copy the generated SSL Server Host IP, Port (usually 443), Username, and Password to your clipboard.

Step 2: Configuring HTTP Custom for SSL

To map your SSL details into the connection client:

1. Install and launch **HTTP Custom** from your app store.
2. On the home dashboard, tap and check the **SSL** checkbox.
3. Enter the server credentials in the host field in the format: server_ip:443.
4. Input your account username and password in the designated text boxes.

Step 3: Configuring custom SNI Host Headers

To ensure traffic is whitelisted, configure the Server Name Indication (SNI) host header:

1. Tap the hamburger menu (three horizontal lines) in the top-left corner.
2. Scroll down to the utility section and select **SNI**.
3. In the pop-up field, type your network’s whitelisted zero-rated domain. Press **OK**.

Step 4: Establishing the SSL Tunnel Connection

Verify that your connection type is set to SSL on the home dashboard. Click the **Connect** button. Monitor the status logs. When the status turns green and shows “Connected”, your secure TLS encrypted connection is active, allowing you to browse privately.

FAQ & Troubleshooting Guide

1. Why does my connection fail with a “Handshake timeout” error?

567:

This is commonly caused by an invalid or blocked SNI domain. Ensure the SNI you entered matches a domain that your carrier zero-rates. If the SNI is correct, verify that your account on SSH Max has not expired, as free servers typically expire after 3 days.

2. What is the standard port for SSL connections?

567:

The standard port is `443` (HTTPS port). Some servers also support ports like `442` or `80` with specific SSL encapsulation wrapper setups. Always verify the active port on your SSH Max server dashboard details.

3. Is SSL routing more secure than standard HTTP injection?

567:

Yes. SSL wraps all data transmission within an encrypted TLS handshake layer. This prevents local eavesdropping and stops carrier firewalls from inspecting headers, providing a higher security profile than standard unencrypted HTTP headers.