There is no way to configure around this. The error produced by Squid is a hard-coded reaction to TLS level errors in the SSL-Bump process. Squid needs some significant code redesign to do a better job of handling the situation. Which I understand is already underway, but still some way off usable. Amos