Thanks Steve! One final question - have I closed up the proxy ports (and any other security issues) correctly here? Below is a short write-up on how this worked.
One trick is that you need to compile squid yourself with the --enable-ssl option for the ssl to work. Hopefully this write-up can help the next person!
Install squid:
apt-get update
apt-get install devscripts build-essential
apt-get source squid3
apt-get build-dep squid3
cd squid3-"version"
nano debian/rules # or whatever editor you use
add the --enable-ssl line among the other --enable-blah- lines in the configure file
debuild -us -uc
cd ..
dpkg -i your_built_package.deb
Run squid:
sudo squid3 restart
Configure squid.conf file:
Find it under /etc/squid3/squid.conf and add the following to the top of that file:
https_port 443 accel cert=/usr/newrprgate/CertAuth/testcert.cert key=/usr/newrprgate/CertAuth/testkey.pem defaultsite=mybackendsite.com
cache_peer
https://mybackendsite.com parent 80 0 no-query originserver login=PASS name=pcs
acl pc_secure_site dstdomain mybackendsite.com
cache_peer_access pcs allow pc_secure_site
http_access allow pc_secure_site
cache_mgr root
# Basic parameters
visible_hostname mybackendsite.com
# This line indicates the server we will be proxying for
http_port 80 accel defaultsite=mybackendsite.com
# And the IP Address for it - adjust the IP and port if necessary
cache_peer
http://mybackendsite.com parent 80 0 no-query originserver login=PASS name=pc
acl all src 0.0.0.0/0.0.0.0
acl our_sites dstdomain mybackendsite.com
http_access allow our_sites
cache_peer_access pc allow our_sites
cache_peer_access pc deny all