Conclusion

Now we have HTTPS web filtering up and running and our network environment became a little safer for those who need protection at most. Next steps would be to direct all client browsers to use Squid proxy, correctly setup authentication and authorization to get user specific reports in Web Safety and optionally setup transparent HTTPS filtering. It is also advisable to enable a caching DNS server on pfSense firewall to further increase speed of connections.

Note

All scripts, patches and configuration files mentioned in this tutorial are in this archive.