[squid-users] seeking assistance for home users wanting to cache https contents

[Michael Davis]

okay, so I'm working on making a public github repository for others like
me out there that are having such a hard time with this, given the state of
the web being almost completely run via SSL websites, who want to use squid
for bandwidth easing in these times of everyone being stuck in home
isolation, but given that this literally constitutes making what is by
design a man in the middle attack, I am finding it more difficult than
learning to do brain surgery (I am not a surgeon).

my goal is to set up squid so that it can properly decrypt SSL traffic for
my own local devices, I own everything on this network, so this is not an
ethical problem for me given I am the sole user of everything on my own
network, and I want to PROPERLY be able to cache contents that are
otherwise delivered by SSL (nvidia graphics driver updates, Microsoft
updates (if I can do so without WSUS, verdict on this one still highly
fuzzy) web content, such as for example twitter contents, facebook
posts/videos/pictures, images on image sites like Photobucket and others)
given most web content is delivered by SSL these days, NOT having it work
using MITM setup is kind of impossible to actually cache data in this day
in age.

I have done extensive research, and even after having another member of the
pfsense community join my attempts at this, we both are at a loss on how to
correctly set up peek and splice to do the job were after here, that being
decrypting SSL traffic for local lans (yes we both know the implications,
but they are in both of our cases our own property and networks and we are
both the only people using them individually respectively) and yes we both
have also installed our local certificate authority certificates on our
devices to let it work properly, we just don't seem to understand enough on
how peek and splice is supposed to work, to implement it properly, and
thus, the guy I'm working with on this suggested we reach out to this
mailing list and ask those here that understand it more than we do.

so, could we kindly request some assistance in understanding this and how
to implement it please? I will admit, the guy I'm working with understands
this far better than I do myself, however I figured I'd reach out on my end
given that I'm the guy that's publishing the information into the public
github repo I made for this.

I am NOT the most knowledgeable on networking, I will straight up admit
that, I learn by trial and error and am almost completely self taught on
what I know, so please bear with me if it takes me a little bit to
understand a given term or other item if I'm a little bit slow to grasp it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20200830/36fb0922/attachment.htm>