diff --git a/dh2048.pem b/dh2048.pem new file mode 100755 index 0000000..0f1581d --- /dev/null +++ b/dh2048.pem @@ -0,0 +1,8 @@ +-----BEGIN DH PARAMETERS----- +MIIBCAKCAQEArjoon6Luh44PeVx1xPx6cuTzRVXgYoF17KrR6Tqww7b4P+ogrZp1 +wSLci+1RnlrkwWn1rFu0eHAbbSzvHlrmwkS2NRZcU+Zm7uNkPeE/6pzBd5HZnoRM +yjiOL8DWTyaumdp4srLYLUplO2HVsdOyYh5Z3+GhsiTTVZfYjqyQD7qOaIpgv0Ri +XMgVgVX8lQAd0IE7DfJyC6R/8CLoVaUIThEMQFJn4GH/ylnjW+kpOajyFeC0tU5F +yFn40sI8qu/y1rKw8ZRYRnhSsLUmndfgAmfKNn80kFZTaOxHcaqbkRrocAV9QnHy +6l+ytTbHOoFbCGyBQ/unRxxu9jD1qq/B6wIBAg== +-----END DH PARAMETERS----- diff --git a/main.cpp b/main.cpp index 1ffdcb1..1b90663 100755 --- a/main.cpp +++ b/main.cpp @@ -5,6 +5,8 @@ #include #include +#include + #define SSL_R_SHORT_READ 219 #include "ssl/ssl_locl.h" #include @@ -75,16 +77,16 @@ std::string ConnectRequestRecord::getRequestData() -//typedef boost::asio::ssl::stream ssl_socket; +typedef boost::asio::ssl::stream ssl_socket; class ProxySession : public std::enable_shared_from_this { public: - ProxySession(boost::asio::ip::tcp::socket socket, boost::asio::io_service& inIoService) + ProxySession(std::shared_ptr socket, boost::asio::io_service& inIoService) : ioService(inIoService) - , socket(std::move(socket)) + , mSocket(socket) , outsideConnectSocket(ioService) { std::cout << "ProxySession Create" << std::endl; 
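Review bot: `mSocket(socket)` in the ProxySession constructor (hunk @@ -75,16) copies the shared_ptr a second time although the by-value parameter is a sink; move it instead: `, mSocket(std::move(socket))`. The session now co-owns the TLS stream with whoever else still holds the pointer, and its `lowerSocket().close()` calls act on that shared object, so the ownership should be stated on the member, e.g. `// shared with the acceptor that created the stream; closing here closes it for every holder`. The rest of the constructor body and the class continue outside the hunk.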
@@ -97,12 +99,56 @@ public: void start() { - readClientVersion(); + asyncHandshake(); + //readClientVersion(); } private: + ssl_socket& socket() + { + return *mSocket; + } + + ssl_socket::lowest_layer_type& lowerSocket() + { + return mSocket->lowest_layer(); + } + + + void asyncHandshake() + { + auto self(shared_from_this()); + + socket().async_handshake(boost::asio::ssl::stream_base::server, + [this, self](boost::system::error_code ec) { + + if (!ec) + { + readClientVersion(); + } + else + { + lowerSocket().close(); + } + + }); + } + + /* + void handleHandshake(const boost::system::error_code& error) + { + if (!error) + { + readClientVersion(); + } + else + { + lowerSocket().close(); + } + }*/ + std::array clientVersion; @@ -110,7 +156,7 @@ private: { auto self(shared_from_this()); - boost::asio::async_read(socket, + boost::asio::async_read(socket(), boost::asio::buffer(clientVersion.data(), clientVersion.size()), [this, self](boost::system::error_code ec, std::size_t /*length*/) { @@ -122,12 +168,12 @@ private: } else { - socket.close(); + lowerSocket().close(); } } else { - socket.close(); + lowerSocket().close(); } }); } @@ -140,7 +186,7 @@ private: std::array version = { 0x05, 0x02 }; - boost::asio::async_write(socket, + boost::asio::async_write(socket(), boost::asio::buffer(version.data(), version.size()), [this, self](boost::system::error_code ec, std::size_t length) { @@ -150,7 +196,7 @@ private: } else { - socket.close(); + lowerSocket().close(); } }); } @@ -176,7 +222,7 @@ private: auto self(shared_from_this()); - boost::asio::async_read(socket, + boost::asio::async_read(socket(), boost::asio::buffer(&((*clientLoginPasswordPtr)[0]), clientLoginPasswordPtr->size()), [this, self, expectedData, clientLoginPasswordPtr](boost::system::error_code ec, std::size_t /*length*/) { @@ -188,12 +234,12 @@ private: } else { - socket.close(); + lowerSocket().close(); } } else { - socket.close(); + lowerSocket().close(); } }); 
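Review bot: The failure branch of the handshake lambda in asyncHandshake (hunk @@ -97,12) closes the socket without recording why, while the rest of the file prints progress to std::cout; a failed handshake is where a misconfigured client or a protocol probe first shows up, so log it before closing: `std::cout << "handshake failed: " << ec.message() << std::endl;`. The commented-out `handleHandshake` and the `//readClientVersion();` line duplicate the lambda and should be deleted rather than kept as dead code. Nothing bounds the handshake: a peer that connects and never completes TLS keeps this session (and the accepted socket) alive indefinitely, so a `boost::asio::deadline_timer` that closes `lowerSocket()` on expiry would cap that, unless a timeout already exists elsewhere in the file.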
@@ -207,7 +253,7 @@ private: - boost::asio::async_write(socket, + boost::asio::async_write(socket(), boost::asio::buffer(authStatus.data(), authStatus.size()), [this, self](boost::system::error_code ec, std::size_t length) { @@ -218,7 +264,7 @@ private: } else { - socket.close(); + lowerSocket().close(); } }); } @@ -231,7 +277,7 @@ private: auto self(shared_from_this()); - boost::asio::async_read(socket, + boost::asio::async_read(socket(), boost::asio::buffer(firstPartPtr->data(), firstPartPtr->size()), [this, self, firstPartPtr](boost::system::error_code ec, std::size_t /*length*/) { @@ -247,12 +293,12 @@ private: } else { - socket.close(); + lowerSocket().close(); } } else { - socket.close(); + lowerSocket().close(); } }); @@ -271,7 +317,7 @@ private: auto self(shared_from_this()); - boost::asio::async_read(socket, + boost::asio::async_read(socket(), boost::asio::buffer(secondPartPtr->data(), secondPartPtr->size()), [this, self, firstPartPtr, secondPartPtr, len](boost::system::error_code ec, std::size_t /*length*/) { @@ -292,7 +338,7 @@ private: } else { - socket.close(); + lowerSocket().close(); } }); @@ -312,7 +358,7 @@ private: } else { - socket.close(); + lowerSocket().close(); outsideConnectSocket.close(); } }); @@ -335,7 +381,7 @@ private: connectResponse += static_cast(connectRequestRecord.port % 256); - boost::asio::async_write(socket, + boost::asio::async_write(socket(), boost::asio::buffer(connectResponse.data(), connectResponse.size()), [this, self](boost::system::error_code ec, std::size_t length) { @@ -347,7 +393,7 @@ private: } else { - socket.close(); + lowerSocket().close(); outsideConnectSocket.close(); } }); @@ -362,7 +408,7 @@ private: { auto self(shared_from_this()); - boost::asio::async_read(socket, + boost::asio::async_read(socket(), boost::asio::buffer(&forwardChar, 1), [this, self](boost::system::error_code ec, std::size_t /*length*/) { 
@@ -380,14 +426,14 @@ private: else { outsideConnectSocket.close(); - socket.close(); + lowerSocket().close(); } }); } else { outsideConnectSocket.close(); - socket.close(); + lowerSocket().close(); } }); } @@ -402,7 +448,7 @@ private: { if (!ec) { - boost::asio::async_write(socket, + boost::asio::async_write(socket(), boost::asio::buffer(&backwardChar, 1), [this, self](boost::system::error_code ec, std::size_t length) { @@ -414,21 +460,21 @@ private: else { outsideConnectSocket.close(); - socket.close(); + lowerSocket().close(); } }); } else { outsideConnectSocket.close(); - socket.close(); + lowerSocket().close(); } }); } boost::asio::io_service& ioService; - boost::asio::ip::tcp::socket socket; + std::shared_ptr mSocket; boost::asio::ip::tcp::socket outsideConnectSocket; @@ -443,10 +489,11 @@ class ProxyServer { public: ProxyServer(boost::asio::io_service& inIoService, - const boost::asio::ip::tcp::endpoint& endpoint) + const boost::asio::ip::tcp::endpoint& endpoint, + boost::asio::ssl::context& sslContext) : ioService(inIoService) - , acceptor(inIoService, endpoint), - socket(inIoService) + , acceptor(inIoService, endpoint) + , socket(std::make_shared(inIoService, sslContext)) { doAccept(); } @@ -454,12 +501,12 @@ public: private: void doAccept() { - acceptor.async_accept(socket, + acceptor.async_accept(socket->lowest_layer(), [this](boost::system::error_code ec) { if (!ec) { - std::make_shared(std::move(socket), ioService)->start(); + std::make_shared(socket, ioService)->start(); } counter++; @@ -471,7 +518,7 @@ private: boost::asio::io_service& ioService; boost::asio::ip::tcp::acceptor acceptor; - boost::asio::ip::tcp::socket socket; + std::shared_ptr socket; //std::map proxySessionMap; 
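Review bot: The accepted stream is shared between the new ProxySession and the next accept in doAccept (hunk @@ -454,12): after `std::make_shared<ProxySession>(socket, ioService)->start()` the very same `socket` object remains the target of the next `acceptor.async_accept(socket->lowest_layer(), …)`, so if doAccept() re-arms itself after the `counter++` visible at the hunk edge, the second accept runs on an already-open socket and every later client either fails or overwrites the live session's connection. Before this change `std::move(socket)` left a fresh socket behind for each accept. The fix is to keep the context as a member (the constructor in hunk @@ -443,10 receives it but the members in hunk @@ -471,7 do not store it) and to create one stream per accept, handing ownership to the session through the shared_ptr the lambda captures. The continuation of doAccept and the lambda's closing braces are outside the hunk.

```cpp
    ProxyServer(boost::asio::io_service& inIoService,
                const boost::asio::ip::tcp::endpoint& endpoint,
                boost::asio::ssl::context& sslContext)
        : ioService(inIoService)
        , acceptor(inIoService, endpoint)
        , mSslContext(sslContext)
    {
        doAccept();
    }

private:
    void doAccept()
    {
        // one TLS stream per connection; the session takes ownership via the shared_ptr
        auto stream = std::make_shared<ssl_socket>(ioService, mSslContext);
        acceptor.async_accept(stream->lowest_layer(),
            [this, stream](boost::system::error_code ec)
            {
                if (!ec)
                {
                    std::make_shared<ProxySession>(stream, ioService)->start();
                }
                // … unchanged: counter++ and the re-arm of doAccept() …

    boost::asio::io_service& ioService;
    boost::asio::ip::tcp::acceptor acceptor;
    boost::asio::ssl::context& mSslContext;   // replaces the shared socket member
```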
@@ -489,7 +536,26 @@ int main() boost::asio::ip::tcp::endpoint endpoint(boost::asio::ip::tcp::v4(), 8043); - ProxyServer proxyServer(ioService, endpoint); + + boost::asio::ssl::context sslContext(boost::asio::ssl::context::sslv23); + + sslContext.set_options( + boost::asio::ssl::context::default_workarounds + | boost::asio::ssl::context::no_sslv2 + | boost::asio::ssl::context::single_dh_use); + + + std::function f = [](std::size_t, boost::asio::ssl::context_base::password_purpose) -> std::string { return ""; }; + sslContext.set_password_callback(f); + + sslContext.use_certificate_chain_file("server.crt"); + + sslContext.use_private_key_file("server.key", boost::asio::ssl::context::pem); + + sslContext.use_tmp_dh_file("dh2048.pem"); + + + ProxyServer proxyServer(ioService, endpoint, sslContext); ioService.run(); diff --git a/rootca.crt b/rootca.crt new file mode 100755 index 0000000..647a744 --- /dev/null +++ b/rootca.crt 
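Review bot: The context in main (hunk @@ -489,7) is created with `sslv23` and disables only SSLv2, so SSLv3, TLS 1.0 and TLS 1.1 stay negotiable (subject to what the linked OpenSSL build offers); extend the option mask with `| boost::asio::ssl::context::no_sslv3 | boost::asio::ssl::context::no_tlsv1 | boost::asio::ssl::context::no_tlsv1_1 | boost::asio::ssl::context::no_compression`. rootca.crt is added by this commit but never loaded and no verify mode is set, so clients are not authenticated at the TLS layer; if the CA is meant for client certificates, `sslContext.load_verify_file("rootca.crt");` and `sslContext.set_verify_mode(boost::asio::ssl::verify_peer | boost::asio::ssl::verify_fail_if_no_peer_cert);` are missing, and if the later login/password exchange is the intended authentication, a comment should say so. The password callback that returns "" is a no-op for an unencrypted key and can be dropped. The `use_*` calls throw `boost::system::system_error` on a missing or unreadable file and the relative paths resolve against the working directory, so starting from the wrong directory ends in an uncaught exception instead of a message; catch it in main and report the path.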
@@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIJAKlzlxSAr1BkMA0GCSqGSIb3DQEBCwUAMIGZMQswCQYD +VQQGEwJMVjETMBEGA1UECAwKU29tZS1TdGF0ZTENMAsGA1UEBwwEUmlnYTEbMBkG +A1UECgwSRmlzaCBSdW4gR2FtZXMgU0lBMRcwFQYDVQQDDA5mcmctcHJveHktcm9v +dDEwMC4GCSqGSIb3DQEJARYhdmxhZGlzbGF2Lmtob3JldkBmaXNocnVuZ2FtZXMu +Y29tMCAXDTE3MDgwNjE4MjgxMFoYDzIwNzIwNTA5MTgyODEwWjCBmTELMAkGA1UE +BhMCTFYxEzARBgNVBAgMClNvbWUtU3RhdGUxDTALBgNVBAcMBFJpZ2ExGzAZBgNV +BAoMEkZpc2ggUnVuIEdhbWVzIFNJQTEXMBUGA1UEAwwOZnJnLXByb3h5LXJvb3Qx +MDAuBgkqhkiG9w0BCQEWIXZsYWRpc2xhdi5raG9yZXZAZmlzaHJ1bmdhbWVzLmNv +bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM5NIDsckYAgP1zhXwzg +DHOnFbpQCF0gJVOQK66tgda7o5vbLFqzqW5R6rRieNdlUEtztXrRMjO+1LYBQ+vD +bT058uwlTgD7xpRtr73kMoPBosZpxRxBKJpp60wOHLyZJqSn16WlgTm8/TTTaF2R +yFYhHxGM+xkDzgXo0LU0yjHOgsJSlnBHGC6mmbrdzCGY9c7hFcYPawCty+FNIqVW +eFEWHSOXqAhADxp5KbdrcUK8EmVljRLEGItctiRdq9PWxhHpodEgKiwOUk0bXds/ +ErTw1ozopqSYZD5RgL1DcL3T/bKbGDdqp+blIZN1nsL6hYW4b2gHPTSNrUkBkt5v +oz0CAwEAAaNQME4wHQYDVR0OBBYEFHhY1354tUtbEk1mMtRcRbgK4LPsMB8GA1Ud +IwQYMBaAFHhY1354tUtbEk1mMtRcRbgK4LPsMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQELBQADggEBAMEiLatj4IURN1U1779TLRbKf4gIVlopey0xbzSRSosNtAOu +s+zApVzaDEDdULM7YhkXo+kThp41xCU7xMZZan0XyvTcos1KTjHISf3swJb9L8XT +S6t/D2bUt+FnjKCyRC3xtheNhoxOwCAQXNvXu5HJ1O87eDxYorQQ5ujAjbToxbTs +i8xR9HwLe3h36NY22qsX6LRohZufXa3S8YUATW2frDp1q7vArBXuY7o/+UIQxn49 +dTzAqYhEpBJZw7MZB/3BqHPzmZ3jqEsj3HK6rgxwlYEnY6kB6eAhiAtaPVARx538 +6Yz8LsofRoZSVnytmYquxiWB7YJuhEYiIwrpcXo= +-----END CERTIFICATE----- diff --git a/server.crt b/server.crt new file mode 100755 index 0000000..90890ae --- /dev/null +++ b/server.crt 
@@ -0,0 +1,22 @@ +-----BEGIN CERTIFICATE----- +MIIDqDCCApACCQCHryODPTrImDANBgkqhkiG9w0BAQsFADCBmTELMAkGA1UEBhMC +TFYxEzARBgNVBAgMClNvbWUtU3RhdGUxDTALBgNVBAcMBFJpZ2ExGzAZBgNVBAoM +EkZpc2ggUnVuIEdhbWVzIFNJQTEXMBUGA1UEAwwOZnJnLXByb3h5LXJvb3QxMDAu +BgkqhkiG9w0BCQEWIXZsYWRpc2xhdi5raG9yZXZAZmlzaHJ1bmdhbWVzLmNvbTAg +Fw0xNzA4MDYxODI5NDVaGA8yMDcyMDUwOTE4Mjk0NVowgY8xCzAJBgNVBAYTAkxW +MRMwEQYDVQQIDApTb21lLVN0YXRlMQ0wCwYDVQQHDARSaWdhMRswGQYDVQQKDBJG +aXNoIFJ1biBHYW1lcyBTSUExDTALBgNVBAMMBHVzZXIxMDAuBgkqhkiG9w0BCQEW +IXZsYWRpc2xhdi5raG9yZXZAZmlzaHJ1bmdhbWVzLmNvbTCCASIwDQYJKoZIhvcN +AQEBBQADggEPADCCAQoCggEBAKk5iMe4m8SW9vV/VDePQznIiZ870b5CXrklOzcV +iI3kFDAsfnk9AR6UALfojCjDFO97DfaKDXOJBH+hkyJVuDQt25unnsG9Sbtr/Uwn +msdOTv8hr2IPyRnBIJc1MW7zoYaNOZ/etJcAyAYVMsr8/8CoTZi4vhARvgdgXmZd +bI+wMt13ZObihobuyLrjvRvoc1se/gwN8AkluQBz7h7FFYTda7sBdCw/qAz2/hUT +zskPLiPwbXWm7iC1eAoQgXy/DZLzXUVVJ94CmkUflsVbjKq3Z9wudYIptMqG9tsO +mKOhbwi579NbiB1afeSf4cHtDcnH3JM4AgEgcru5Js27pocCAwEAATANBgkqhkiG +9w0BAQsFAAOCAQEAiRySYyBhpksv1vOvc7eMKcpGh+1wS85PpcwH8uOaBGsqgjxz +mQZK+tnw/WmL9mlgOY6GqfEpz1VW6gytD3kvlmXrIDUgUGxthVZ7pZhc7lsACkU1 +TN+kZUP1wVeHhYdoAFdCnFQjsm4DEGB8ArXAAteN1onnPC7wUTiDeVDLyhTAYzj9 +9o/4nrP941QgACBt9h+mXAKwUCD8Zr9GhcktlZA+XvF+z6ckV8L6XyepdEvriVT/ +84jEOOdPYmI5/FJRxCriDxmVJubwswDiIezgZ0vo2pdPVftEoTR6/iebu+lUWXFV +5mqnHTucNTHVWmimiv/de0FHbO/qnwYnQPgaMA== +-----END CERTIFICATE----- diff --git a/server.key b/server.key new file mode 100755 index 0000000..f0aeac6 --- /dev/null +++ b/server.key 
@@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEowIBAAKCAQEAqTmIx7ibxJb29X9UN49DOciJnzvRvkJeuSU7NxWIjeQUMCx+ +eT0BHpQAt+iMKMMU73sN9ooNc4kEf6GTIlW4NC3bm6eewb1Ju2v9TCeax05O/yGv +Yg/JGcEglzUxbvOhho05n960lwDIBhUyyvz/wKhNmLi+EBG+B2BeZl1sj7Ay3Xdk +5uKGhu7IuuO9G+hzWx7+DA3wCSW5AHPuHsUVhN1ruwF0LD+oDPb+FRPOyQ8uI/Bt +dabuILV4ChCBfL8NkvNdRVUn3gKaRR+WxVuMqrdn3C51gim0yob22w6Yo6FvCLnv +01uIHVp95J/hwe0NycfckzgCASByu7kmzbumhwIDAQABAoIBAEdIOvuWIdc/mCt1 +RS5aJIE0nfP7KLCyGGB49GaRpYHPb0mTlHrRXaVZxquxQ0jwU+NEvG77XAsszj5M ++0NdREiGgJkilFcbuvE93ea0UBhgPhpuQAhYiedVWLsY5wfLjGC3IGzdTMjGxXr6 +dvjWdYzb2EPangT61EcbKuiHtfEYIhQ26Mdb3tVWPMW/g2KMYCTOFSraNZoSHXLn +f7gpzP1dY/aoL2FYz7GBV/7W2corA5iYIFe4HVHpppEjnPja6+WZwsTR2rndSvj7 +N9zwdXcpLJr1GJCrta8RiJTlD0kHAKXOMPYTG/pcxwUfLr8ceP5HTh/7624sPsYo +rnyt7fECgYEA0+RMZ9tYT3i0peaLC12MTyr8X+xzDnHK501Ep+0VnpS0quHwWJ0u +3ab9EFhM1u8NEFwF6YnXyORq1AMHIU/O+O3rHt6VlF4z625tF6Wu61zQNerCVM/M +bOqX9yl+ukNW4qx1maSEqhajKhhp69qJ3Cr+2eD+igENuDRqn/2eHtsCgYEAzHOC +4/xrF4iWlx4MYflENa9miTGxnYDz9rDuhZu9Zqlv55dtv39WEkhKvcFjMx4McvNy +nu0yKBdpZ75QORfjaAHX0J47+RnDZhiSxh53P7vSy7/jDbUDle44x+H0IWJwoK4b +ECqvKIh/tibYukFFoSJyBdZQ4U67kaXbsrNKOMUCgYEAoFUhk3ygCBJ37wjRsZnp +r4YBTbwnG4jzVa5cAw0czNANHTi1mvflHIdc+d821XQxWG2pc5uAElz0kNRxsr0n +CalNviAC4y+c7cqy9a/C+glS61lmDrLmJowkzTsyz1JhDkgc/FNGp0VV1WZ/z52f +r19BVDAxqs89SGMxQzqvSP0CgYB2r7PTX+xXXA53qZTsp0Smma0/hZ6jXYHCutGs +tE1ONJxm6Cxo16YCtP7Wi1ZoDVCSxqrKgc31IiopdHyjuC9maHN9gu4z3HXnZeqG +opb9Y66qYzmO8n8jYYiK2KvdWYUicg/54Z2PPTZOatyzu0KNmS5yHwkS0p7mnU8d +vSEgNQKBgC0eq1urDxRl0FbcoLPNaxwVRRyUhcZZc7RRDz8TH0Z2/iVdnsmhBhum +Z27ZfBfp7HZA4k44sld15ZIw5H2lsFlEz/oHiJgAobGx556WbQwJypvY/Ii3jtap +sE6umZIoJF90oo33ARRC743Ed46fD1BrIFaJ+BBG3raheA3SONmG +-----END RSA PRIVATE KEY-----
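Review bot: server.key is the proxy's RSA private key committed in plain text next to server.crt, so everyone with read access to this repository, every clone and every CI checkout now holds it; the key should be treated as exposed, the certificate reissued with a new key, and the file purged from history (deleting it in a later commit leaves it in every existing clone). Keep the key out of the tree: add `server.key` to .gitignore and supply its location at deployment time, with the hard-coded "server.key" in main() becoming a configured path. The new file mode `100755` sets the execute bit on a private key, which should be 0600; dh2048.pem, rootca.crt and server.crt are created with the same mode and should be 0644.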