Thanks all for giving time at my post Here is my squid conf. acl snmppublic snmp_community public acl manager proto cache_object acl localhost src 127.0.0.1/32 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 acl zainnet src 192.168.0.0/24 acl SSL_ports port 443 acl Safe_ports port 80 # http acl Safe_ports port 1935 # http acl Safe_ports port 21 # ftp acl Safe_ports port 443 # https acl Safe_ports port 70 # gopher acl Safe_ports port 210 # wais acl Safe_ports port 1025-65535 # unregistered ports acl Safe_ports port 280 # http-mgmt acl Safe_ports port 488 # gss-http acl Safe_ports port 591 # filemaker acl Safe_ports port 777 # multiling http acl CONNECT method CONNECT http_access deny noway http_access allow manager localhost http_access allow bamboe http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost htcp_access deny all miss_access allow all http_port 3129 http_port 3128 intercept https_port 3127 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/myCA.pem acl broken_sites dstdomain .example.com ssl_bump none localhost ssl_bump none broken_sites ssl_bump server-first all sslcrtd_program /usr/local/squid/libexec/ssl_crtd -s /usr/local/squid/var/lib/ssl_db -M 4MB sslcrtd_children 5 # MEMORY CACHE OPTIONS cache_mem 1024 MB maximum_object_size_in_memory 16 KB # DISK CACHE OPTIONS cache_replacement_policy heap LFUDA cache_dir aufs /cache 160000 64 256 store_dir_select_algorithm least-load minimum_object_size 16 KB maximum_object_size 512 MB cache_swap_low 97 cache_swap_high 99 #LOGFILE OPTIONS access_log /var/log/squid/access.log squid cache_log /var/log/squid/cache.log cache_store_log none cache_swap_log /etc/squid/swap/swap.state logfile_rotate 5 log_fqdn off log_icp_queries off buffered_logs off emulate_httpd_log off #OPTIONS FOR TUNING THE CACHE refresh_pattern -i \.swf$ 20160 80% 20160 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth refresh_pattern -i \.gif$ 20160 80% 20160 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth refresh_pattern -i \.jpg$ 20160 80% 20160 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth refresh_pattern -i \.jpeg$ 20160 80% 20160 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth refresh_pattern -i \.exe$ 20160 80% 20160 override-expire override-lastmod reload-into-ims ignore-reload ignore-no-cache ignore-private ignore-auth # 1 year = 525600 mins, 1 month = 20160 mins, 1 day = 1440 refresh_pattern ^.*(utm\.gif|ads\?|rmxads\.com|ad\.z5x\.net|bh\.contextweb\.com|bstats\.adbrite\.com|a1\.interclick\.com|ad\.trafficmp\.com|ads\.cubics\.com|ad\.xtendmedia\.com|\.googlesyndication\.com|advertising\.com|yieldmanager|game-advertising\.com|pixel\.quantserve\.com|adperium\.com|doubleclick\.net|adserving\.cpxinteractive\.com|syndication\.com|media.fastclick.net).* 20160 20% 20160 ignore-no-cache ignore-private override-expire ignore-reload ignore-auth refresh_pattern ^.*safebrowsing.*google 20160 80% 20160 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth refresh_pattern ^http://((cbk|mt|khm|mlt)[0-9]?)\.google\.co(m|\.uk) 20160 80% 20160 override-expire ignore-reload ignore-private refresh_pattern ytimg\.com.*\.jpg 20160 80% 20160 override-expire ignore-reload refresh_pattern images\.friendster\.com.*\.(png|gif) 20160 80% 20160 override-expire ignore-reload refresh_pattern garena\.com 20160 80% 20160 override-expire reload-into-ims refresh_pattern photobucket.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 20160 80% 20160 override-expire ignore-reload refresh_pattern vid\.akm\.dailymotion\.com.*\.on2\? 20160 80% 20160 ignore-no-cache override-expire override-lastmod refresh_pattern mediafire.com\/images.*\.(jp(e?g|e|2)|tiff?|bmp|gif|png) 20160 80% 20160 reload-into-ims override-expire ignore-private refresh_pattern ^http:\/\/images|pics|thumbs[0-9]\. 20160 80% 20160 reload-into-ims ignore-no-cache ignore-reload override-expire refresh_pattern ^http:\/\/www.onemanga.com.*\/ 20160 80% 20160 reload-into-ims ignore-no-cache ignore-reload override-expire refresh_pattern ^http://v\.okezone\.com/get_video\/([a-zA-Z0-9]) 20160 80% 20160 override-expire ignore-reload ignore-no-cache ignore-private ignore-auth override-lastmod #images facebook refresh_pattern -i \.facebook.com.*\.(jpg|png|gif) 20160 80% 20160 ignore-reload override-expire ignore-no-cache refresh_pattern -i \.fbcdn.net.*\.(jpg|gif|png|swf|mp3) 20160 80% 20160 ignore-reload override-expire ignore-no-cache refresh_pattern static\.ak\.fbcdn\.net*\.(jpg|gif|png) 20160 80% 20160 ignore-reload override-expire ignore-no-cache refresh_pattern ^http:\/\/profile\.ak\.fbcdn.net*\.(jpg|gif|png) 20160 80% 20160 ignore-reload override-expire ignore-no-cache #All File refresh_pattern -i \.(3gp|7z|ace|asx|bin|deb|divx|dvr-ms|ram|rpm|exe|inc|cab|qt) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(rar|jar|gz|tgz|bz2|iso|m1v|m2(v|p)|mo(d|v)|arj|lha|lzh|zip|tar) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(jp(e?g|e|2)|gif|pn[pg]|bm?|tiff?|ico|swf|dat|ad|txt|dll) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(avi|ac4|mp(e?g|a|e|1|2|3|4)|mk(a|v)|ms(i|u|p)|og(x|v|a|g)|rm|r(a|p)m|snd|vob) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern -i \.(pp(t?x)|s|t)|pdf|rtf|wax|wm(a|v)|wmx|wpl|cb(r|z|t)|xl(s?x)|do(c?x)|flv|x-flv) 20160 80% 20160 ignore-no-cache override-expire override-lastmod reload-into-ims refresh_pattern ^ftp: 1440 90% 201600 override-lastmod reload-into-ims refresh_pattern ^gopher: 1440 0% 1440 override-lastmod reload-into-ims refresh_pattern (cgi-bin|\?) 0 0% 0 refresh_pattern . 0 80% 20160 override-lastmod reload-into-ims #SNMP OPTIONS snmp_port 3401 snmp_access allow snmppublic zainnet snmp_access deny all #another optimizing memory_pools off client_db off coredump_dir /cache reload_into_ims on balance_on_multiple_ip on vary_ignore_expire on pipeline_prefetch on quick_abort_min 16 KB quick_abort_max 16 KB quick_abort_pct 95 shutdown_lifetime 10 seconds half_closed_clients off cache_effective_user squid cache_effective_group squid dns_nameservers 192.168.7.1 8.8.8.8 8.8.4.4 ipcache_size 2048 ipcache_low 90 ipcache_high 95 -- View this message in context: http://squid-web-proxy-cache.1019090.n4.nabble.com/anyOne-who-has-working-ssl-bump-configuration-for-facebook-tp4663452p4663458.html Sent from the Squid - Users mailing list archive at Nabble.com.