Jeff M Belt

© 2018 - All Rights Reserved

​

Install Squid built with SSL decryption support

​

Login to Web UI and select System / Package Manager / Available Packages , find and install package squid.

​

Wait until squid package is installed.

​

After successful installation goto Services / Squid Proxy Server, select Local Cache tab, scroll all the way down and click Save.

​

Now select General tab, set the Enable Squid checkbox, select both LAN and loopback interfaces for Squid to bind to, scroll all the way down and click Save.

​

Fixing the Squid Installation

​

Click System -> Advanced

    Click on Enable Secure Shell

    Click Save.

​

Log into the pfSense box and open a command shell (option 8 on the menu)

​

Change directories to /usr/local/etc/squid

​

Edit the serverkey.pem file and locate the line which reads 

​

-----END PRIVATE KEY----------BEGIN CERTIFICATE-----

​

Split this line into two, so it reads

​

-----END PRIVATE KEY-----

-----BEGIN CERTIFICATE-----

​

NOTE: the number of dashes are critical, so count them correctly, meaning there are five before and after the Key and Certificate markers.

​

Save the file and reboot your pfSense box.

  

After reboot, login to Web UI, select Status / Services. The red checkbox on the right will indicate Squid service is NOT up and running.

​

Now adjust your browser configuration to point to pfSense box and try browsing the web. Squid is now working.

​

That’s it! Squid should be up and running. The status of the squid proxy can be checked by clicking Status > Services.