Hi! I'm trying to get a transparent https proxy working with squid. My current flow is like this: 1) user makes request to my dns server for https://x.com 2) x.com is resolved to a server I control 3) the 443 port on the server I control redirects to squid. When I make the request squid shows the following message: The following error was encountered while trying to retrieve the URL: ://IP_OF_SERVER_I_CONTROL The system returned: (111) Connection refused I'm guessing squid isn't looking at the request header to figure out the proper host (why is it the ip and not https://x.com?) I've attached my config below (debian defaults + ssl_bump). What am I doing wrong? My current config file is like this: acl localhost src 127.0.0.1/32 ::1 acl to_localhost dst 127.0.0.0/8 0.0.0.0/32 ::1 acl SSL_ports port 443 acl CONNECT method CONNECT http_access allow manager localhost http_access deny manager http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow localhost http_access deny all https_port 9131 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid3/ssl/caCert.pem key=/etc/squid3/ssl/caKey.pem ssl_bump server-first all coredump_dir /var/spool/squid3 refresh_pattern ^ftp: 1440 20% 10080 refresh_pattern ^gopher: 1440 0% 1440 refresh_pattern -i (/cgi-bin/|\?) 0 0% 0 refresh_pattern . 0 20% 4320 always_direct allow all -M.
