The default installation of Squid on Ubuntu 12.04 does not support SSL. To enable SSL, it must be recompiled. This guide will walk you through compiling Squid on Ubuntu 12.04 to add SSL support. Although we are targeting Ubuntu 12.04, this guide will also work on Ubuntu 14.
Compile Squid
Install dependencies.
cd ~
mkdir squid_src
cd squid_src
sudo apt-get install build-essential fakeroot devscripts gawk gcc-multilib dpatch
sudo apt-get build-dep squid3
sudo apt-get build-dep openssl
sudo apt-get source squid3
sudo apt-get install libssl-dev
sudo apt-get install openssl
Change the default compiler options to include SSL support.
vi squid3-3.1.19/debian/rules
... add these rules to "DEB_CONFIGURE_EXTRA_FLAGS":
DEB_CONFIGURE_EXTRA_FLAGS := --datadir=/usr/share/squid3 \
--sysconfdir=/etc/squid3 \
--mandir=/usr/share/man \
--with-cppunit-basedir=/usr \
--enable-inline \
--enable-ssl \
Compile.
cd squid3-3.1.19/
debuild -us -uc -b
Install it. The compiled file exists in the
squid_src
directory.cd ..
sudo dpkg -i squid3_3.1.19-1ubuntu3.12.04.2_amd64.deb squid3-common_3.1.19-1ubuntu3.12.04.2_all.deb squid3-dbg_3.1.19-1ubuntu3.12.04.2_amd64.deb
Test whether or not the compiled version supports SSL. If you see the “enable – SSL” output, then the compile was successful.
squid3 -v |grep enable-ssl
Configure SSL and start Squid
Generate a self-signed certificate.
openssl req -new -keyout key.pem -nodes -x509 -days 365 -out cert.pem
Move the server certificate to the
squid3
configuration directory.sudo mv cert.pem /etc/squid3/cert.pem
sudo mv key.pem /etc/squid3/key.pem
Enable HTTPS and specify the certificate.
sudo vi /etc/squid3/squid.conf
... add this line:
https_port 443 cert=/etc/squid3/cert.pem key=/etc/squid3/key.pem
Verify that the configuration file is formatted properly.
squid3 -k parse
Run the Squid service.
sudo service squid3 restart
Setup is complete. Squid 3 will now be working with HTTPS. Enjoy.