
want to connect squid proxy with icapeg #172

mr-shitij opened this issue Oct 29, 2024 · 1 comment

@mr-shitij

I have created the squid config file and start.sh below, but I am not able to read the HTTPS request body content; I am experimenting with this. Please help.
I have also created a new vendor to read the body data.

# Squid Configuration File

# Basic ACL definitions
acl localnet src 10.0.0.0/8     # RFC1918 possible internal network
# Removed the other RFC1918 ranges; the line below matches every source address, so
# together with "http_access allow localnet" further down this proxy accepts any client.
acl localnet src all           # Allow all source IPs

# Port ACLs
acl SSL_ports port 443
acl Safe_ports port 80          # http
acl Safe_ports port 21          # ftp
acl Safe_ports port 443         # https
acl Safe_ports port 70          # gopher
acl Safe_ports port 210         # wais
acl Safe_ports port 1025-65535  # unregistered ports
acl Safe_ports port 280         # http-mgmt
acl Safe_ports port 488         # gss-http
acl Safe_ports port 591         # filemaker
acl Safe_ports port 777         # multiling http
acl CONNECT method CONNECT
acl HTTPS port 443             # For SSL detection

# Access Control Lists
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
http_access allow localnet
http_access allow localhost
http_access deny all

# Port Configuration
http_port 3127 intercept

# SSL Bump Configuration. Note: with generate-host-certificates=on Squid signs the
# mimicked host certificates with the cert=/key= pair given here, so that pair should
# be the signing CA (ca_cert.pem/ca_key.pem from start.sh) rather than the leaf server
# certificate chain — worth checking if clients reject the bumped connections.
http_port 3128 ssl-bump \
    cert=/etc/squid-cert/cert_chain.pem \
    key=/etc/squid-cert/server_key.pem \
    generate-host-certificates=on \
    dynamic_cert_mem_cache_size=4MB \
    options=NO_SSLv3,NO_TLSv1

# SSL Certificate Generator
sslcrtd_program /usr/lib/squid/security_file_certgen -s /var/lib/ssl_db -M 4MB
sslcrtd_children 5 startup=1 idle=1

# SSL Bump Rules
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3

# Peek at steps 1 and 2, then bump (decrypt) every connection
ssl_bump peek step1 all
ssl_bump peek step2 all
ssl_bump bump all

# SSL Options. NO_DEFAULT_CA drops the system CA bundle; combined with
# "sslproxy_cert_error deny all" origin certificates can only verify if a cafile=
# is supplied here, otherwise bumped HTTPS requests will likely fail.
sslproxy_cert_error deny all
tls_outgoing_options flags=NO_DEFAULT_CA

# ICAP Configuration. Plain icap:// is used, so the decrypted request and response
# bodies travel to the icapeg host unencrypted; keep that link on a trusted network
# or switch to icaps://.
icap_enable on
icap_service service_req reqmod_precache icap://icapeg:1344/garuda
icap_service service_resp respmod_precache icap://icapeg:1344/garuda

# ICAP Access Rules
adaptation_access service_req allow all
adaptation_access service_resp allow all

# ICAP Options
icap_preview_enable off
icap_preview_size 0
icap_send_client_ip on
icap_send_client_username on
icap_client_username_header X-Client-Username
icap_connect_timeout 5 minutes
icap_io_timeout 30 minutes
icap_service_failure_limit -1
icap_service_revival_delay 30
icap_persistent_connections on

# Cache Settings
cache_dir ufs /var/cache/squid 100 16 256
coredump_dir /var/cache/squid
maximum_object_size 200 MB
cache_mem 256 MB
cache_replacement_policy heap LFUDA
memory_replacement_policy heap GDSF

# Refresh Patterns
refresh_pattern ^ftp:           1440    20%     10080
refresh_pattern ^gopher:        1440    0%      1440
refresh_pattern -i (/cgi-bin/|\?) 0     0%      0
refresh_pattern .               30      20%     4320

# Error Pages
error_directory /usr/share/squid/errors/en

# Log Configuration
access_log /var/log/squid/access.log combined
access_log /var/log/squid/icap.log common
cache_log /var/log/squid/cache.log

# Custom ICAP Log Format (note: these are ordinary access_log fields; the ICAP
# exchanges themselves are recorded by the icap_log directive, not by access_log)
logformat icap_custom %ts.%03tu %>a %<A %>st/%<st %>sh/%<sh %tr %>rm %ru %Ss:/>Hs
access_log /var/log/squid/icap_custom.log icap_custom

# Debug Options
debug_options ICAP_WIRE:6 28,3

# Connection Tuning
client_persistent_connections on
server_persistent_connections on
forwarded_for on
via on

# Performance Settings
pipeline_prefetch 0
negative_ttl 0 second
positive_dns_ttl 24 hours
negative_dns_ttl 1 minute

# Timeout Settings
connect_timeout 1 minute
read_timeout 5 minutes
write_timeout 5 minutes
request_timeout 5 minutes
shutdown_lifetime 1 seconds

# TCP Options
tcp_recv_bufsize 64 KB
client_ip_max_connections 100

# Memory Cache Settings
cache_swap_low 90
cache_swap_high 95

# Process Management
workers 1

# Miscellaneous. "cachemgr_passwd none all" means no password for any cache manager
# action; access is limited to localhost only by the "manager" http_access rules above.
visible_hostname squid-proxy
unique_hostname squid-proxy
cachemgr_passwd none all

# Range Offset Limit
range_offset_limit 200 MB
quick_abort_min -1

# Header Management
request_header_access Proxy-Connection deny all
request_header_access X-Forwarded-For deny all
request_header_access Via deny all
request_header_access Cache-Control deny all

reply_header_access Server deny all
reply_header_access X-Powered-By deny all
reply_header_access Via deny all
reply_header_access Link deny all

# Custom Header Management
request_header_access X-Forwarded-Proto allow all
request_header_access X-Real-IP allow all

start.sh

#!/bin/sh

set -e

CHOWN=$(/usr/bin/which chown)
SQUID=$(/usr/bin/which squid)

prepare_folders() {
    # Make sure the directories squid needs exist, then hand them to the squid user.
    printf '%s\n' "Preparing folders..."
    for squid_dir in /etc/squid-cert/ /var/cache/squid/ /var/log/squid/; do
        mkdir -p "$squid_dir"
    done
    for squid_dir in /etc/squid-cert/ /var/cache/squid/ /var/log/squid/; do
        "$CHOWN" -R squid:squid "$squid_dir"
    done
}

initialize_cache() {
    # Build the on-disk cache structure with squid -z, then pause for a fixed
    # interval before continuing (presumably because -z returns before the
    # directories are fully populated — confirm against the squid version used).
    printf '%s\n' "Creating cache folder..."
    "$SQUID" -z
    sleep 5
}

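# Generate the root CA key pair and a self-signed CA certificate (10 years).
# The umask subshell makes the private key 0600 from the moment it is written.
_create_root_ca() {
    echo "Creating root CA certificate..."
    ( umask 077 && openssl genrsa -out /etc/squid-cert/ca_key.pem 4096 )
    openssl req -new -x509 -key /etc/squid-cert/ca_key.pem -sha256 -days 3650 \
        -out /etc/squid-cert/ca_cert.pem \
        -subj "/C=$C/O=$O/OU=$OU/CN=$CN" -utf8 -nameopt multiline,utf8 \
        -config /etc/ssl/openssl.cnf -extensions v3_ca
}

# Generate the server key, a CSR, and sign it with the root CA (1 year), then
# bundle server + CA certificate into cert_chain.pem as referenced by squid.conf.
_create_server_cert() {
    echo "Creating server certificate..."
    ( umask 077 && openssl genrsa -out /etc/squid-cert/server_key.pem 2048 )
    openssl req -new -key /etc/squid-cert/server_key.pem \
        -out /etc/squid-cert/server.csr \
        -subj "/C=$C/O=$O/OU=$OU/CN=$CN" -utf8 -nameopt multiline,utf8
    openssl x509 -req -in /etc/squid-cert/server.csr \
        -CA /etc/squid-cert/ca_cert.pem -CAkey /etc/squid-cert/ca_key.pem \
        -CAcreateserial -out /etc/squid-cert/server_cert.pem -days 365 -sha256 \
        -extfile /etc/ssl/openssl.cnf -extensions v3_req
    cat /etc/squid-cert/server_cert.pem /etc/squid-cert/ca_cert.pem > /etc/squid-cert/cert_chain.pem
}

# Export DER copies of the public certificates and publish them through squid's
# icons directory (world-readable) so clients can download and install them.
# Only public material is copied; the private keys stay in /etc/squid-cert.
# No sudo: prepare_folders already chowns system directories, so this script has
# to be running as root anyway, and sudo may not exist on minimal images.
_publish_certs() {
    for cert_name in ca_cert server_cert cert_chain; do
        openssl x509 -in "/etc/squid-cert/$cert_name.pem" -outform DER \
            -out "/etc/squid-cert/$cert_name.der"
        cp "/etc/squid-cert/$cert_name.der" "/usr/share/squid/icons/$cert_name.der"
        chmod 644 "/usr/share/squid/icons/$cert_name.der"
    done
}

# Create the CA and server certificates on first run; reuse them afterwards.
# Reads C, O, OU and CN from the environment for the certificate subject.
# CN must be set; we stop early instead of producing a subject-less CA.
create_cert() {
    if [ -f /etc/squid-cert/ca_key.pem ] && [ -f /etc/squid-cert/ca_cert.pem ]; then
        echo "Certificates found..."
        return 0
    fi
    : "${CN:?CN must be set (certificate subject common name)}"
    _create_root_ca
    _create_server_cert
    _publish_certs
}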

clear_certs_db() {
    # Throw away the dynamic certificate cache and recreate it empty, so no
    # mimic certificates from a previous CA survive a restart.
    printf '%s\n' "Clearing generated certificate db..."
    rm -rfv /var/lib/ssl_db/
    /usr/lib/squid/security_file_certgen -c -s /var/lib/ssl_db -M 4MB
    "$CHOWN" -R squid:squid /var/lib/ssl_db
}

run() {
    # Prepare directories, certificates and the cache (each step aborts the
    # script on failure via set -e), then hand this process over to squid in
    # the foreground (-N) with debug level 1 (-d 1).
    printf '%s\n' "Starting squid..."
    prepare_folders
    create_cert
    clear_certs_db
    initialize_cache
    exec "$SQUID" -NYCd 1 -f /etc/squid/squid.conf
}

# Script entry point.
run
@mr-shitij

https://github.com/alatas/squid-alpine-ssl

The squid proxy setup is taken from the repository above.
