@viragomann Yes, not sure why that made a difference but it's working.

follow this for use with creating a dstdom.broken file for use with pinned certificates..

https://wiki.squid-cache.org/SquidFaq/WindowsUpdate

same item however add the
office.com
office.net domains into the folder so everything works and cache for updates still works

acl BrokenButTrustedServers dstdomain "/usr/local/pkg/dstdom.broken"
acl DomainMismatch ssl_error SQUID_X509_V_ERR_DOMAIN_MISMATCH
sslproxy_cert_error allow BrokenButTrustedServers DomainMismatch
sslproxy_cert_error deny all

this works for me and all updates restored and office use

@tomasenskede said in You're speaking plain HTTP to an SSL-enabled server port:

@viragomann said in You're speaking plain HTTP to an SSL-enabled server port:

hese view snips are sadly not really helpful to get closer to the issue.

hmm... I'm eager to make this working. I'm happy to provide more information. What else do you need to help me? Thanks in advance!

Got it WORKING... reboot of pfSense resolved the issue...

@viragomann Grazie , But my great difficulty is the English translation > ita which is often not very precise. I'm sorry if I made you angry it wasn't my intention. Thank you for your very important help for me.

@VMlabman

Under Backend tab for the pfsense-01. you need to select a CA and select the client certificate that you have generated for your pfsense-01.

Under Frontend tab under SSL offloading, select the ACME generated certificate under Certificate.

Check if those settings fixes the issue you are having.

Also I recommend watching the following youtube:

How to Setup ACME, Let's Encrypt, and HAPRoxy in pfsense

@DBMandrake I also had a ticket open for this, it was closed as a duplicate I do know what you're talking about, iTunes does it also.

6.6 is active in 24 beta if anyone else wants to test it.

@lg1980 can you access the status page in squid 6.6? My system works but the status page says access denied

@compsmith said in haproxy connectwise control (screen connect) relay internally not working:

DNS resolver has a Host Override with the screen connects subdomain pointing to the lan ip of the pfsense firewall.

Remove this.

@M-Aly I don't know the answer to your problem but I would suggest if you need a reverse proxy that you just use HAProxy.

Not only is HAProxy designed specifically to be a reverse proxy and load balancer, (while it is really only a secondary feature of Squid) netgate have said they are removing Squid from PFSense in the next major version release (presumably 2.8.0) so any time you spend setting this up and getting it working is going to be wasted when Squid is removed... so you might as well set up HAProxy from the beginning.