Apple Safari on MacOS¶

In order to install Trusted Root CA certificate first check your proxy settings in Settings / Advanced as indicated on the following screenshots.


Both HTTP and HTTPS proxy setting need to correctly point to your Squid box.


Select Launchpad / Other and click on Key Chain Access icon to open the key chain application.


In the Key Chain application, select System, Certificates in the left panel and unlock the key chain by clicking on the Unlock button on the top left and providing the administrator’s password.


Drag the DER certificate you downloaded on the Install Trusted Certificates page into the right panel of the Key Chain application, the common name from the certificate will be loaded and will be shown on the list of certificates (in our case proxy.diladele.lan). Please note, this certificate is not yet trusted (see red x on the screenshot).


Double click the non trusted certificate (proxy.diladele.lan on screenshot) to show its properties and expand the trust settings.


Confirm you are trusting this certificate by selecting Always Trust from the drop down menu.


Close the properties and make sure the certificate is now trusted.


Open any HTTPS page and ensure the top certificate now comes from your Squid proxy and matches your Trusted Root CA certificate.


If you open a blocked page with Safari now, the blocked page should be shown correctly.