@Dobby_ So openssl-1.1.1q,1 TLSv1.3 capable SSL and crypto library ldd /usr/local/sbin/squid| grep ssl libssl.so.111 => /usr/lib/libssl.so.111 (0x800b6c000) It seems that squid used openssl 1.1.1 ,the openssl will use QAT, then the squid can use QAT ?

As soon as you have access to the full, decrypted data stream it's most probably possible to cache everything. But : The, for example, ccs style sheet file, can have a unique name - and won't be re used ever again, so it will get reloaded anyway. The file creation date can be set to 'now' so the browser will request a fresh copy, even if the content didn't change at all. etc etc .