I have had a bit of a rough ride with squid. It started off with breaking all websites, which I resolved one at a time.
As still breaks some sites I come across.
I recently found that the content I want cached is on the .io and .net so lucky for me I had sslNoBump the entire .com and fixed everything I was having problems with.
Only problem now is I want to cache maybe 2 .com domains.
I have used chatgpt to help but not sure it's correct. It's basically got me to edit the templates in opnsense as editing the main squid conf resets on a reboot.
So I have seen that adding entries into the template works and they stay after a reboot.
But I am soooo lost. I want to add a forced bumpssl for example nvidia.com This is a snippet of the squid.conf
Can someone help how to properly write what I need.
Fyi. The ".com" for the sslNoBump is configured via the GUI. It must be called via a text file perhaps as I don't see it below.
acl bump_domains ssl::server_name_regex -i nvidia.com
# setup ssl bump acl's
acl bump_step1 at_step SslBump1
acl bump_step2 at_step SslBump2
acl bump_step3 at_step SslBump3
acl bump_nobumpsites ssl::server_name "/usr/local/etc/squid/no>
# configure bump
ssl_bump peek bump_step1 all
ssl_bump peek bump_step2 bump_nobumpsites
ssl_bump splice bump_step3 bump_nobumpsites
ssl_bump stare bump_step2
ssl_bump bump bump_step3
sslproxy_cert_error deny all
acl ftp proto FTP
http_access allow ftp
I have tried many different ways chatgpt has shown but all seem to fail.
acl bump_nvidia ssl::server_name_regex -i \.?(nvidia\.com)$
When I edit the line to
acl bump_domains ssl::server_name_regex -i .nvidia.com
It won't fail to launch squid but it won't cache the NVIDIA files.
Essentially I want to choose to have all websites bypass my proxy except the ones I choose.
Can I get some help how to accomplish this.