<div dir="ltr"><div><div><div><div><div>Hi Team,<br><br></div>System Config:<br><br><span dir="ltr" style="text-align:left" id=":10a.co" class="">Intel S2400SC2 Motherboard</span><div id=":10b.ma" class=""><span dir="ltr" style="text-align:left" id=":10b.co" class="">Intel Xeon ES 2407 V2 CPU<br></span></div><div id=":10b.ma" class=""><span dir="ltr" style="text-align:left" id=":10b.co" class="">RAM 32 GB<br><br><br></span></div>http_port 3127<br>http_port 3128 intercept<br>https_port 3129 intercept ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/etc/squid/ssl_certs/squid.crt key=/etc/squid/ssl_certs/squid.key options=NO_SSLv3 tls-dh=/etc/squid/dhparam.pem<br>sslproxy_capath /etc/ssl/certs<br><br><br># FILTERING HTTPS<br>acl 1 dstdomain .<a href="http://fbcdn.net">fbcdn.net</a> .<a href="http://akamaihd.net">akamaihd.net</a> .<a href="http://fbsbx.com">fbsbx.com</a><br>#acl 2a dstdomain .<a href="http://mahadana.com">mahadana.com</a> .<a href="http://mql4.com">mql4.com</a> .<a href="http://metaquotes.net">metaquotes.net</a><br>acl 2 url_regex -i ^https?:\/\/attachment\.fbsbx\.com\/.*\?(id=[0-9]*).*<br>acl 2 url_regex -i \.fbsbx\.com\/.*\/(.*\.(unity3d|pak|zip|exe|dll|jpg|png|gif|swf)/)$<br>acl 2 url_regex -i ^https?:\/\/.*\.ytimg\.com(.*\.(webp|jpg|gif))<br>acl 2 url_regex -i ^https?:\/\/([^\.]*)\.yimg\.com\/(.*)<br>acl 2 url_regex -i ^https?:\/\/.*\.gstatic\.com\/images\?q=tbn\:(.*)<br>acl 2 url_regex -i ^https?:\/\/.*\.reverbnation\.com\/.*\/(ec_stream_song|download_song_direct|stream_song)\/([0-9]*).*<br>acl 2 url_regex -i ^https?:\/\/([a-z0-9.]*)(\.doubleclick\.net|\.quantserve\.com|.exoclick\.com|interclick.\com|\.googlesyndication\.com|\.auditude\.com|.visiblemeasures\.com|yieldmanager|cpxinteractive)(.*)<br>acl 2 url_regex -i ^https?:\/\/(.*?)\/(ads)\?(.*?)<br>acl 2 url_regex -i ^https?:\/\/.*steampowered\.com\/.*\/([0-9]+\/(.*))<br>acl 3 url_regex -i ^https?:\/\/(.*?)\/speedtest\/.*\.(jpg|txt|png|gif|swf)\?.*<br>acl 3 url_regex -i speedtest\/.*\.(jpg|txt|png|gif|swf)\?.*<br>acl 4 url_regex -i reverbnation.*audio_player.*ec_stream_song.*$<br>acl 5 url_regex -i utm.gif.*<br>acl 6 url_regex -i c.android.clients.google.com.market.GetBinary.GetBinary.*<br>acl 7 url_regex -i youtube.*(ptracking|stream_204|player_204|gen_204).*$<br>acl 7 url_regex -i \.c\.(youtube|google)\.com\/(get_video|videoplayback|videoplay).*$<br>acl 7 url_regex -i (youtube|google).*\/videoplayback\?.*<br>acl 8 http_status 302<br>acl getmethod method GET<br><br><br>ssl_bump splice localhost<br>acl 9 at_step SslBump1<br>acl 10 at_step SslBump2<br>acl 11 at_step SslBump3<br>ssl_bump peek 9 all<br>ssl_bump bump 10 all<br>ssl_bump bump 11 all<br><br><br>----------------------------------------------------------------------------------------------<br><br></div>Is there any way where it can Cache SSL Certificate for all HTTPS Traffic ....<br></div>Because SSL Cert & Squid process were using 99% of CPU Load ....<br><br></div>We have approx 200 users ....<br><br></div><div>I have set the open file limit to 100000 <br><br></div><div>Could you please let us know if there is any way to Cache the HTTPS Request in Squid .....<br></div></div>