Our current Squid SSL bump config using v3.5.10

bump-config.conf

# ---------------------------------------------------------------------------- #
# SSL and Intercepted Traffic Settings                                         #
# ---------------------------------------------------------------------------- #
acl step1 at_step SslBump1
acl step2 at_step SslBump2

ssl_bump peek step1
ssl_bump bump step2

sslproxy_cert_error deny all

sslcrtd_program /usr/bin/squid_ssl_crtd -s /usr/local/squid/ssl_db -M 4MB
sslcrtd_children 32 startup=5 idle=1


# ---------------------------------------------------------------------------- #
# Squid Listening Interfaces                                                   #
# ---------------------------------------------------------------------------- #
http_port 3128 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/proxy-cert.cer key=/usr/local/squid/ssl_cert/proxy-key.key
http_port 3129 intercept name=3129
https_port 3130 intercept name=3130 ssl-bump generate-host-certificates=on dynamic_cert_mem_cache_size=4MB cert=/usr/local/squid/ssl_cert/proxy-cert.cer key=/usr/local/squid/ssl_cert/proxy-key.key