Is there any way to insert a callback at clientHello message during the TLS handshake while accepting the connection in proxygen::HTTPServer?

When configured to use OpenSSL as the TLS stack (eg: folly::SSLContext) we do not for sure. The socket abstraction provides a way to set a handshake verification callback, though it might not be plumbed all the way through, and may not be what you're looking for.

I don't think Fizz has this either, but you might need to ask in their repo: https://github.com/facebookincubator/fizz

What is your high-level goal? Maybe there's something else in place that will work.

I want to get the server name from the SNI extension in ClientHello message.

Is it ok to get that after the handshake completes? This is available in the wangle::TransportInfo structure serverName field, which is accessible from your RequestHandler as downstream_->getSetupTransportInfo().

No, I need the server name at the time of ClientHello, so that I can generate Certificate on the fly. Is there any way to get server name in ClientHello message, or any other way to generate Certificate on the fly?