Как настроить правильно сертификат в Squid 3.4.8?

Question

[Astlos145]

Настроен сквид, у него также есть сертификат, который ставится на каждый пк, но проблема в том, что после того поставил сертификат, сертификат все ровно пропускает HTTPS страницы.
Вот конфиг Сквида
== Global options:===============

== Listen ports: ================
http_port 10.0.0.2:8080 accel
http_port 10.0.0.2:3128

http_port 192.168.2.2:8080 accel
http_port 192.168.2.2:3128
#= for Frontends:
http_port 127.0.0.1:3128

== SSL Bump: ====================
http_port 192.168.2.2:4443 ssl-bump \
generate-host-certificates=on \
dynamic_cert_mem_cache_size=4MB \
cert=/etc/squid3/squidCA.pem \
key=/etc/squid3/squidCA.pem \
connection-auth=off \
sslflags=NO_DEFAULT_CA

http_port 10.0.0.2:4443 ssl-bump \
generate-host-certificates=on \
dynamic_cert_mem_cache_size=4MB \
cert=/etc/squid3/squidCA.pem \
key=/etc/squid3/squidCA.pem \
connection-auth=off \
sslflags=NO_DEFAULT_CA

sslproxy_flags DONT_VERIFY_PEER
sslproxy_cert_error allow all
always_direct allow all
ssl_bump client-first all
ssl_bump none all
sslcrtd_program /usr/lib/squid3/ssl_crtd -s /etc/squid3/ssldb/certs -M 4MB

== Systems: =====================
pid_filename /var/run/squid.pid
hosts_file /etc/hosts
error_directory /usr/share/squid3/errors/templates
visible_hostname none
dns_nameservers 77.88.8.7

#== IPv6 bullshit: ===============
tcp_outgoing_address 192.168.2.2 all
dns_v4_first o

#== Logging: =====================
logfile_rotate 1
access_log stdio:/var/log/squid3/access.log squid
cache_store_log stdio:/var/log/squid3/store.log
cache_log /var/log/squid3/cache.log

logfile_daemon /usr/lib/squid3/log_file_daemon

#== Squid Cache: =================
cache_mem 512 MB
maximum_object_size 512 KB
maximum_object_size_in_memory 512 KB
memory_replacement_policy heap GDSF

#== Elite anonomising: ===========
request_header_access X-Forwarded-For deny all
request_header_access Via deny all
request_header_access Cache-Control deny all
follow_x_forwarded_for allow all
acl_uses_indirect_client on
delay_pool_uses_indirect_client on
log_uses_indirect_client on
forwarded_for on

== SquidGuard:===================
redirect_program /usr/bin/squidGuard -c /etc/squid3/squidGuard.conf
redirect_children 16
redirector_bypass on

== Squid ACL: ===============================================================

= White ports: ========
acl Allow-port port 20 21 25 80 110 143 443 456 993 995 1935 8000 8008 8080 8081

#= Mothods: ============
acl purge method PURGE
acl CONNECT method CONNECT

= Networks: ===========
acl localnet src 192.168.2.0/24
acl dhcpnet src 10.0.0.0/24
acl DanseGuardian src 127.0.0.1/32

= Users: ==============
acl System src "/etc/squid3/users/system.list"

acl Library-215 src "/etc/squid3/users/library-215.list"
acl Library-218 src "/etc/squid3/users/library-218.list"

acl Langlab src "/etc/squid3/users/students-402-3.list"

acl Class-1 src "/etc/squid3/users/students-109-1.list"
acl Class-2 src "/etc/squid3/users/students-111-1.list"
acl Class-3 src "/etc/squid3/users/students-112-1.list"
acl Class-4 src "/etc/squid3/users/students-116-1.list"
acl Class-5 src "/etc/squid3/users/students-26-2.list"

= Squid Lists: ========
acl System-List dstdomain "/etc/squid3/lists/system.list"
acl Access-List dstdomain "/etc/squid3/lists/access.list"
acl SSL-List dstdomain "/etc/squid3/lists/ssl.list"
acl Blocks-List dstdomain "/etc/squid3/lists/deny.list"

acl mism_cert dstdomain -i "/etc/squid3/lists/mism_ssl"

http_access allow DanseGuardian
http_access allow all

= SSL Proxy: ==============
sslproxy_cert_error allow mism_cert
sslproxy_cert_adapt setCommonName ssl::certDomainMismatch

= System & Staff access: ==
http_access allow System all

#http_access allow Staff Blocks-List
#http_access allow Staff all
http_access allow System System-List
#http_access allow Staff System-List

http_access allow Library-215 System-List
http_access allow Library-218 System-List
http_access allow Langlab System-List

http_access allow Class-1 System-List
http_access allow Class-2 System-List
http_access allow Class-3 System-List
http_access allow Class-4 System-List
http_access allow Class-5 System-List

= Black lists: ============
http_access allow Library-215 Blocks-List
http_access allow Library-218 Blocks-List
http_access allow Langlab Blocks-List

http_access allow Class-1 Blocks-List
http_access allow Class-2 Blocks-List
http_access allow Class-3 Blocks-List
http_access allow Class-4 Blocks-List
http_access allow Class-5 Blocks-List

= White lists: ============
http_access allow Library-215 Access-List
http_access allow Library-218 Access-List
http_access allow Langlab Access-List

http_access allow Class-1 Access-List
http_access allow Class-2 Access-List
http_access allow Class-3 Access-List
http_access allow Class-4 Access-List
http_access allow Class-5 Access-List

= White SSL lists: ========
http_access allow Library-215 SSL-List
http_access allow Library-218 SSL-List
http_access allow Langlab SSL-List

http_access allow Class-1 SSL-List
http_access allow Class-2 SSL-List
http_access allow Class-3 SSL-List
http_access allow Class-4 SSL-List
http_access allow Class-5 SSL-List

http_access allow all SSL-List

=== Port control: ===========
http_access allow Allow-port Library-215
http_access allow Allow-port Library-218

http_access allow Allow-port Langlab
http_access allow Allow-port Class-1
http_access allow Allow-port Class-2
http_access allow Allow-port Class-3
http_access allow Allow-port Class-4
http_access allow Allow-port Class-5
http_access allow Allow-port