It’s amazing how elusive some of the simplest things can be. For a few days I’ve struggled to work out why I can’t proxy to non-standard SSL/HTTPS ports using Squid.
Well it turns out that I either didn’t look closely enough at the config file, or there’s a serious lack of documentation on this matter. Maybe a little of both (and I tried the IRC channel for #squid on Freenode, idlers galore!).
Well, it’s this simple: I want to connect to a new HTTPS server, Exchange OWA, which I have set to listen on port 4444. Squid will give you a configuration error or a "not allowed" message when you try to proxy to any port other than 443, which is the standard allowed SSL port.
To fix this, add your port to the line in the config file:
acl SSL_ports port 443
so it becomes
acl SSL_ports port 443 4444
Then reload Squid so the change takes effect:
/etc/init.d/squid3 reload
That’s it, job done.
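A tighter variant of the change above, as an added example that is not from the original post: listing 4444 in SSL_ports permits CONNECT to port 4444 on any host, so this squid.conf fragment also limits that port to the one OWA server. The hostname owa.example.com and the ACL names owa_port and owa_host are placeholders chosen for illustration.

```conf
# --- As in the post: allow CONNECT to 443 and 4444 on ANY destination ---
acl SSL_ports port 443 4444

# --- Added restriction: 4444 is only needed for the OWA server ---
# owa.example.com is a placeholder; use your server's real name.
acl owa_port port 4444
acl owa_host dstdomain owa.example.com

# The stock squid3 config already defines this ACL; shown for context only,
# do not define it a second time.
acl CONNECT method CONNECT

# Stock rule: refuse CONNECT to any port not listed in SSL_ports.
# This is the rule that rejected port 4444 before the change.
http_access deny CONNECT !SSL_ports

# Added rule, placed directly after the stock one: refuse CONNECT to 4444
# unless the destination is the OWA host. It is written as a deny rather
# than an allow so that the later client rules (localnet, deny all)
# still decide who may use the proxy at all.
http_access deny CONNECT owa_port !owa_host
```

Because http_access rules are evaluated in order and the first match wins, the added deny has to appear before any allow rule for your clients. Running `squid3 -k parse` before the reload reports syntax errors in the edited file.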