Use this ACL to bypass server certificate validation errors.
For example, the following lines will bypass all validation errors
when talking to servers for example.com. All other
validation errors will result in ERR_SECURE_CONNECT_FAIL error.
acl BrokenButTrustedServers dstdomain example.com
sslproxy_cert_error allow BrokenButTrustedServers
sslproxy_cert_error deny all
This clause only supports fast acl types.
See https://wiki.squid-cache.org/SquidFaq/SquidAcl for details.
Using slow acl types may result in server crashes
Without this option, all server certificate validation errors
terminate the transaction to protect Squid and the client.
SQUID_X509_V_ERR_INFINITE_VALIDATION error cannot be bypassed
but should not happen unless your OpenSSL library is buggy.
SECURITY WARNING:
Bypassing validation errors is dangerous because an
error usually implies that the server cannot be trusted
and the connection may be insecure.
See also: sslproxy_flags and DONT_VERIFY_PEER.