we needed to do some interoperability testing, and for that we had to allow http client application to talk with http proxy via secure channel.
on debian 11 i had to install package squid-openssl and add this line in /etc/squid/squid.conf:
https_port 3129 tls-cert=/etc/letsencrypt/live/domain.name.of.proxy/fullchain.pem tls-key=/etc/letsencrypt/live/domain.name.of.proxy/privkey.pem
the ssl cert was generated by certbot certonly.
that’s how i tested it:
curl --proxy https://domain.name.of.proxy:3129 https://kudzia.eu/ip/