Squid log https without SSL Bumping

You cannot log CONNECT requests on a transparent cache. The CONNECT request would only be sent to the Squid server if your browser has been configured to use it as a proxy. If the browser isn't configured to use Squid as a proxy, it will attempt to negotiate a TLS connection directly with the destination.

If you redirected that TLS connection you would either require SSLBUMP, or you would get errors in your browser.

But let's say you configured your browsers to use Squid. You will not get the URL. All you will see is the FQDN of the system that hosts the web site. The URL is part of the HTTP request, which is not sent until after the TLS connection has been established.

For some reason, it doesn't log even the root domain on HTTPS requests, when these definitely hit squid.

They are not hitting Squid. Like I said above, it simply doesn't work like that. CONNECT isn't used unless your browsers are configured to use the proxy, and you seem to be claiming to be set up as a transparent proxy. This almost certainly means that your operating system is simply routing the request like any other traffic.
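
The following is an added example, not part of the original answer: a small parser showing what an explicitly configured proxy records for HTTPS (host and port from CONNECT, no path) next to what it records for plain HTTP. It assumes Squid's default native access.log field layout; the sample lines, addresses and hostnames are constructed.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample lines (not from the page), native access.log layout:
# time elapsed client code/status bytes method URL user hierarchy/peer type
SAMPLE_LOG = """\
1700000000.101    312 192.0.2.10 TCP_TUNNEL/200 5120 CONNECT www.example.com:443 - HIER_DIRECT/203.0.113.5 -
1700000001.202     45 192.0.2.10 TCP_MISS/200 1843 GET http://www.example.org/docs/page.html?id=7 - HIER_DIRECT/203.0.113.9 text/html
1700000002.303    980 192.0.2.11 TCP_TUNNEL/200 20480 CONNECT mail.example.net:443 - HIER_DIRECT/203.0.113.7 -
1700000003.404    150 192.0.2.10 TCP_TUNNEL/200 900 CONNECT www.example.com:443 - HIER_DIRECT/203.0.113.5 -
malformed line
"""

def parse_line(line):
    """Return what one access.log line reveals about the request, or None."""
    fields = line.split()
    if len(fields) < 10:
        return None  # truncated or non-native-format line
    client, method, target = fields[2], fields[5], fields[6]
    if method == "CONNECT":
        # A tunnel request carries only host:port; the URL is inside the TLS session.
        host, _, port = target.rpartition(":")
        if not host or not port.isdigit():
            return None
        return {"client": client, "method": method, "host": host.strip("[]"),
                "port": int(port), "path": None}
    url = urlsplit(target)
    if not url.hostname:
        return None
    path = url.path + ("?" + url.query if url.query else "")
    return {"client": client, "method": method, "host": url.hostname,
            "port": url.port or 80, "path": path}

def summarize(log_text):
    """Count tunnels per (client, host) and collect fully visible plain-HTTP URLs."""
    tunnels, visible_urls = Counter(), []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        if entry["path"] is None:
            tunnels[(entry["client"], entry["host"])] += 1
        else:
            visible_urls.append(entry["host"] + entry["path"])
    return tunnels, visible_urls

if __name__ == "__main__":
    tunnels, urls = summarize(SAMPLE_LOG)
    for (client, host), n in tunnels.most_common():
        print(f"{client} -> {host}: {n} tunnel(s), URL not visible")
    for u in urls:
        print("plain HTTP, full URL logged:", u)
```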