I have squid working for http, but https connections just fail. I have tried squid 2.5 on centos 3 via rpm, as well as squid 2.6 on centos 5 via rpm as well, but neither work for me. Can someone please let me know what I am missing. In my access log I see the following when trying to access a site https://mail.domain.com, but the site does not appear and firefox/IE error out "The connection was reset" <snip /var/log/squid/access.log> 1192640469.146 5 192.168.0.118 TCP_MISS/200 39 CONNECT mail.domain.com:443 - DIRECT/24.10.210.133 - </snip> Here is my config <snip /etc/squid/squid.conf for squid 2.6> http_port 3128 hierarchy_stoplist cgi-bin ? acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY acl apache rep_header Server ^Apache broken_vary_encoding allow apache access_log /var/log/squid/access.log squid auth_param ntlm program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-ntlmssp auth_param ntlm children 10 auth_param ntlm keep_alive on auth_param basic program /usr/bin/ntlm_auth --helper-protocol=squid-2.5-basic auth_param basic children 10 auth_param basic realm Proxy Server auth_param basic credentialsttl 2 hours auth_param basic casesensitive off external_acl_type nt_group ttl=0 concurrency=5 %LOGIN /usr/lib64/squid/wbinfo_group.pl Brefresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern . 0 20% 4320 acl all src 0.0.0.0/0.0.0.0 acl manager proto cache_object acl localhost src 127.0.0.1/255.255.255.255 acl to_localhost dst 127.0.0.0/8 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT acl local-servers dstdomain .domain.com acl FTP proto FTP acl smtcorp_pub snmp_community public acl unrestrictedusers external nt_group INTERNETOK_NT_GROUP acl NTLMUsers proxy_auth REQUIRED http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access allow unrestrictedusers http_access deny !NTLMUsers http_access deny all http_reply_access allow all icp_access allow all cache_mgr root@xxxxxxxxxx visible_hostname proxy.domain.com unique_hostname smtcorpx07.domain.com append_domain .domain.com always_direct allow local-servers always_direct allow FTP snmp_port 3401 snmp_access allow snmp_community all mail_from squid@xxxxxxxxxx coredump_dir /var/spool/squid <end /etc/squid/squid.conf> --