Can Squid or other open-source proxy server be set up to process HTTPS encrypted traffic?

Ivan asked:

I would like to set up a home proxy server which would filter ads and viruses even before they get to the browser. The problem in this case is that many web sites use encrypted HTTPS connections and I don’t want to disable this (as I prefer the data to be encrypted as they travel between my home and the server). So is it possible (and how if yes) to configure a trusted proxy server to act as man-in-a-middle decrypting and processing the traffic?

I’d prefer free open source solutions as I consider them mote trustworthy in such a sensitive task.

My answer:


For squid, set up SSL Bump and dynamic SSL certificates, and be sure to add your new CA to your users’ web browsers.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.