@jc1976 I want to cache with it. I like it. I use affordable DSL, so it helps keep everything smooth and my bill down. Yes you can disable caching completely, you can even disable ClamAV if you want and only use splice mode for a URL blocker. So you don't even need certificates like that. Again, with this version you could run it in transparent mode and never need to even set proxies, it would transparently block URLS like that and show an error page. I am doing a more complex version where some devices are https ssl intercepted to look for container virtualized bugs data marshaling network cards, "I found them however I needed Snort AppID to track them down in the end" and some devices are set to transparent mode where it looks at only the get request and nothing else.
It is a very amazing set of software. I am so in love with this package and the way it works. I report stuff all the time with it, track items its great. It is also protected behind a firewall set of rules so it's great for pfSense.
My SG-2100 will continue to use it until the appliance dies. The final version of pfSense after 4 years of config changes, code, bugs, works perfectly, I am not going to give up on it. To everyone that worked on it at Netgate and all the community members to make it finally work, Thank you. The device works how it should for what I need, sure it's super secure maybe to secure but that was what was needed for cybersecurity, to stop the ransomware all the issues stopped with something like this. This was the firewall that helped END it.