Thanks for the reply and apologies my post didn't include the HTML fragments: Configuration: ./configure \ --enable-ssl \ --enable-ssl-crtd \ --with-openssl \ --disable-arch-native \ --prefix=/usr \ --localstatedir=/var \ --sysconfdir=/etc/squid \ --libexecdir=/usr/lib/squid \ --datadir=/usr/share/squid \ --with-default-user=proxy \ --with-logdir=/var/log/squid \ --with-pidfile=/var/run/squid.pid Squid configuration: visible_hostname squid http_port 3128 acl whitelist dstdomain .example.com http_access allow whitelist https_port 3129 cert=/etc/squid/squid.pem options=NO_SSLv2,NO_SSLv3,NO_TLSv1,NO_TLSv1_1,NO_TICKET cipher=HIGH:MEDIUM:!RC4:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS ssl-bump intercept acl SSL_port port 443 http_access allow SSL_port acl CONNECT method CONNECT acl step1 at_step SslBump1 acl step2 at_step SslBump2 acl step3 at_step SslBump3 ssl_bump peek step1 all ssl_bump peek step2 whitelist ssl_bump splice step3 whitelist ssl_bump terminate step2 all http_access deny all coredump_dir /var/cache/squid/ iptables: iptables -t nat -I PREROUTING -p tcp --dport 80 -j REDIRECT --to-port 3128 iptables -t nat -I PREROUTING -p tcp --dport 443 -j REDIRECT --to-port 3129 Access log: 1551954200.914 54 10.0.1.166 NONE_ABORTED/200 0 CONNECT 93.184.216.34:443 - HIER_NONE/- - 1551954214.370 0 10.0.1.166 NONE/400 3810 GET / - HIER_NONE/- text/html 1551954217.223 0 10.0.1.166 NONE/400 3810 GET / - HIER_NONE/- text/html 1551954256.558 0 10.0.1.166 NONE/400 3810 GET / - HIER_NONE/- text/html 1551954261.638 0 10.0.1.166 NONE/400 3810 GET / - HIER_NONE/- text/html 1551954273.516 215 10.0.1.166 NONE_ABORTED/200 0 CONNECT 93.184.216.34:443 - HIER_NONE/- - 1551954391.304 1 185.59.221.44 NONE_ABORTED/200 0 CONNECT 10.0.0.151:443 - HIER_NONE/- - 1551954395.346 0 185.59.221.44 NONE_ABORTED/200 0 CONNECT 10.0.0.151:443 - HIER_NONE/- - 1551954398.938 0 185.59.221.44 NONE_ABORTED/200 0 CONNECT 10.0.0.151:443 - HIER_NONE/- - Thanks again, David -- Sent from: http://squid-web-proxy-cache.1019090.n4.nabble.com/Squid-Users-f1019091.html _______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users