Https filtering via proxy Squid



  • Hi
    I use ACME to make certificate and now I can access successfully to router via https Https://firewall-pfsense.domain.com:port
    I export certificate and key ACME at  "System  > Certificate Manager > Certificates“
    After that I create Certificate Authorities at “System > Certificate Manager > Cas” by importing certificate with key export above, I name this Certificate Authorities SSL_HTTPS_SQUID
    I use the certificate SSL_HTTPS_SQUID to filter HTTPS through Squid (Please see the attached picture below)
    After I turn on SSL Man In the Middle Filtering then users cannot access to all page Https

    I do not know which step I made wrong, please tell me how to filter by Squid proxy.
    Thankyou so  much.

    ![https pfsense.jpg](/public/imported_attachments/1/https pfsense.jpg)
    ![https pfsense.jpg_thumb](/public/imported_attachments/1/https pfsense.jpg_thumb)



  • Hi Lupin

    Let's Encrypt does not issue CA certificates, just works out for secure webGUI (https) into pfSense.
    You need a CA certificate for an SslBump setup to work for more than one site.



  • seems like you need SSL Certificate Authority to filter SSL traffic. try creating CA & installing it on your client PC's.



  • use your own pfsense instance and create a CA locally.



  • The problem I Have is different.
    Most of the websites work just fine. But some don't. especially Google websites and subdomains.
    and another strange thing: when I search something in the browser without going to google.com (but using Google as default search engine) it never works with this setup.


Log in to reply