Added "." ".com" to sslnobump want to add a forced SSL bump to a .com

Started by Toxsickcity, February 08, 2025, 10:11:43 PM

I have had a bit of a rough ride with squid. It started off with breaking all websites, which I resolved one at a time.

It still breaks some sites I come across.

I recently found that the content I want cached is on .io and .net, so lucky for me I had set sslNoBump on the entire .com and fixed everything I was having problems with.

Only problem now is I want to cache maybe 2 .com domains.

I have used ChatGPT to help but I'm not sure it's correct. It basically got me to edit the templates in OPNsense, as edits to the main squid conf are reset on a reboot.

So I have seen that adding entries into the template works and they stay after a reboot.

But I am soooo lost. I want to add a forced bumpssl, for example for nvidia.com. This is a snippet of the squid.conf.

Can someone help me with how to properly write what I need?

FYI, the ".com" for the sslNoBump is configured via the GUI. It must be called via a text file perhaps, as I don't see it below.


acl bump_domains ssl::server_name_regex -i nvidia.com

# setup ssl bump acl's
acl bump_step1 at_step SslBump1
acl bump_step2 at_step SslBump2
acl bump_step3 at_step SslBump3
acl bump_nobumpsites ssl::server_name "/usr/local/etc/squid/no>

# configure bump
ssl_bump peek bump_step1 all
ssl_bump peek bump_step2 bump_nobumpsites
ssl_bump splice bump_step3 bump_nobumpsites
ssl_bump stare bump_step2
ssl_bump bump bump_step3

sslproxy_cert_error deny all

acl ftp proto FTP
http_access allow ftp



I have tried many different ways ChatGPT has shown but all seem to fail.

acl bump_nvidia ssl::server_name_regex -i \.?(nvidia\.com)$
When I edit the line to:
acl bump_domains ssl::server_name_regex -i .nvidia.com
It won't fail to launch squid but it won't cache the NVIDIA files.

Essentially I want to choose to have all websites bypass my proxy except the ones I choose.

Can I get some help with how to accomplish this?
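
Why the rules as posted never bump nvidia.com, as an added example (not code from the original post or from OPNsense): a simplified first-match model of the three SslBump steps, run over the posted rule order and over an assumed reordering. The reordered rules, the anchored regex, the hostnames and the `.com` stand-in for the GUI no-bump list are assumptions; real Squid also skips actions that are not possible at a given step.

```python
import re

def make_acls(bump_regex):
    # Simplified model (assumption): ".com" stands in for the GUI no-bump list.
    return {
        "all": lambda host: True,
        "bump_nobumpsites": lambda host: host.endswith(".com"),
        "bump_domains": lambda host: re.search(bump_regex, host, re.I) is not None,
    }

# Rule order as posted: bump_domains is defined but no ssl_bump line uses it.
PAGE_RULES = """
ssl_bump peek bump_step1 all
ssl_bump peek bump_step2 bump_nobumpsites
ssl_bump splice bump_step3 bump_nobumpsites
ssl_bump stare bump_step2
ssl_bump bump bump_step3
"""

# Assumed rework: stare/bump for bump_domains placed ahead of the no-bump rules.
REORDERED_RULES = """
ssl_bump peek bump_step1 all
ssl_bump stare bump_step2 bump_domains
ssl_bump bump bump_step3 bump_domains
ssl_bump peek bump_step2 bump_nobumpsites
ssl_bump splice bump_step3 bump_nobumpsites
ssl_bump stare bump_step2
ssl_bump bump bump_step3
"""

UNANCHORED = r"nvidia.com"          # pattern from the post
ANCHORED = r"(^|\.)nvidia\.com$"    # constructed stricter pattern

def final_action(rules, acls, host):
    """At each of SslBump1..3 the first rule whose ACLs all match is applied."""
    action = None
    for step in ("bump_step1", "bump_step2", "bump_step3"):
        for line in rules.strip().splitlines():
            _, act, *names = line.split()
            if all(n == step if n.startswith("bump_step") else acls[n](host) for n in names):
                action = act
                break
        if action in ("splice", "bump"):  # final actions end the walk
            break
    return action

if __name__ == "__main__":
    for h in ("download.nvidia.com", "notnvidia.com"):  # constructed hostnames
        print(h, final_action(PAGE_RULES, make_acls(UNANCHORED), h),
              final_action(REORDERED_RULES, make_acls(ANCHORED), h))
```

With the unanchored pattern from the post, the constructed host notnvidia.com is also selected for interception once bump_domains is referenced, so the pattern should be anchored to keep the bump scope to the intended domain.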