Here is the reference how to set up an intercepted forward proxy by SQUID in Linux OS platform.
Befor you start, you should prepare a Linux OS such as Ubuntu, Fedora, Debian etc...
After that, SQUID should be installed by your OS package manager such as APT, DNF etc...
The main step of intercept forward proxy for HTTPs requests is to use an tool called security_file_certgen which is used for generating instant e-Cert for intercepting each HTTPs requests.
Here provided the SQUID for HTTPs intercepting configuration sample:
http_port 3129 tcpkeepalive=60,30,3 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=20MB tls-cert=/etc/squid/bump.crt tls-key=/etc/squid/bump.key cipher=HIGH:MEDIUM:!LOW:!RC4:!SEED:!IDEA:!3DES:!MD5:!EXP:!PSK:!DSS options=NO_TLSv1,NO_SSLv3,SINGLE_ECDH_USE tls-dh=prime256v1:/etc/squid/bump_dhparam.pem
sslcrtd_program /usr/lib64/squid/security_file_certgen
sslcrtd_children 5
sslproxy_cert_error allow all
ssl_bump stare all
After above setting, you should install the CA of SQUID, as bump.crt file as above mentioned CA.
Intercept forward proxy
Re: Intercept forward proxy
For the gencert tool, you can refer to the official manual webpage
https://www.mankier.com/8/security_file_certgen
https://www.mankier.com/8/security_file_certgen