SSL Proxy giving me problems.

TurboAAA

This should be an easy one for someone to help me with.

I am NOT trying to use transparent mode, but instead want users to decide whether or not they want their devices running through my SSL proxy. My ISP is extremely slow and caching is a huge deal for me.

PFSense 2.3
Latest Squid package
Proxy is enabled and http is on port 3128 https 3129.
Firewall rule to allow TCP 3128-3129 to the firewall.
Firefox is configured to use the above ports for the proxy.
HTTP sites work correctly
HTTPS sites time out with no errors

When I try to access one of my websites I get the following using the Firefox developer tools
Requested URL : http://michaelwiki.geekgalaxy.com/
Request method : GET
Remote address : 192.168.11.1:3128
Status code: 301 Moved Permanently

Ok all normal there, but then it tries to load the encrypted page
Requested URL: https://michaelwiki.geekgalaxy.com/w/index.php/Main_Page
Request method: GET

and nothing happens.

Any ideas on where to start looking would be appreciated.

UPDATE:

I was able to narrow down the problem to being that squid is NOT listening on port 3129 for some reason. So if anyone has run into any related bugs please let me know.

UPDATE 2:
I found my problem.

1. You do NOT need to create a firewall rule to allow proxy traffic.
2. Leaving the defaults, both encrypted and unencrypted traffic share the same port. Even though there is an option to specify the SSL proxy port.

So this problem is solved, now I need to verify caching is working and I will be able to mark this to-do item done.