SQUID proxy not filtering on whitelist for HTTPS
by curiousnetwork from LinuxQuestions.org on (#5DYCH)
I have created a squid proxy server on Amazon Linux which filters HTTP requests perfectly.
The problem I am facing is that it is not filtering HTTPS requests properly.
I have a whitelist with a few websites in it, but if I run curl https://www.google.com it returns the HTML5 output; similarly, I can use wget to download things. I do not want any access to any websites that aren't listed in the whitelist.txt file.
Below I have pasted my squid.conf file in hopes that someone could shed some light into why HTTPS filtering is not working as expected.
Quote:
visible_hostname squid
cache deny all

# Log format and rotation
#logformat squid %ts.%03tu %6tr %>a %Ss/%03>Hs %<st %rm %ru %ssl::>sni %Sh/%<a %mt
logformat timereadable %tl %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt
access_log daemon:/var/log/squid/access.log timereadable
logfile_rotate 0
debug_options rotate=0

# Handling HTTP requests
http_port 3128
http_port 3129 intercept

# Handling HTTPS requests
https_port 3130 cert=/etc/squid/ssl/squid.pem ssl-bump intercept
acl SSL_port port 443
http_access allow SSL_port
acl step1 at_step SslBump1
acl step2 at_step SslBump2
acl step3 at_step SslBump3
ssl_bump peek step1 all

# Deny requests to proxy instance metadata
acl instance_metadata dst 169.254.169.254
http_access deny instance_metadata

# Filter HTTP requests based on the whitelist
acl allowed_http_sites dstdomain "/etc/squid/whitelist.txt"
http_access allow allowed_http_sites

# Filter HTTPS requests based on the whitelist
acl allowed_https_sites ssl::server_name "/etc/squid/whitelist.txt"
ssl_bump peek step2 allowed_https_sites
ssl_bump splice step3 allowed_https_sites
ssl_bump terminate step2 all
ssl_bump terminate all
http_access deny all
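Squid evaluates each http_access and ssl_bump list top to bottom, and the first line whose ACLs all match decides the request, so the order of the lines in the posted config is what determines whether an HTTPS connection is allowed. The script below is an added illustration, not code from the original post or from Squid: it walks an intercepted TLS connection through the posted rules exactly as written (http_access on the fake CONNECT that Squid creates for an intercepted port-443 connection, then ssl_bump at steps 1 to 3) so you can see which line wins for a given SNI. The whitelist contents and the sample hostnames are constructed for the demonstration; hostname matching follows Squid's dstdomain / ssl::server_name rule that a leading-dot entry covers the domain and its subdomains while a bare entry matches only that exact host. Run on the posted rule order, it shows that a non-whitelisted SNI is terminated at step 2, which is a useful way to separate a rule-ordering problem from traffic that never reaches the intercept port at all; it also shows that for port 443 the `http_access allow SSL_port` line is reached before `http_access deny instance_metadata`.

```python
# Added example (not from the LinuxQuestions post or from Squid itself): a minimal
# first-match evaluator for the http_access and ssl_bump lists in the posted squid.conf.
# WHITELIST is a constructed stand-in for /etc/squid/whitelist.txt.

WHITELIST = [".example.com", "intranet.example.org"]


def domain_matches(host, entries):
    """Squid dstdomain / ssl::server_name matching: a leading-dot entry matches the
    domain and every subdomain; an entry without a dot matches that host only."""
    host = host.lower().rstrip(".")
    for entry in entries:
        entry = entry.lower().strip()
        if not entry:
            continue
        if entry.startswith("."):
            if host == entry[1:] or host.endswith(entry):
                return True
        elif host == entry:
            return True
    return False


# The named ACLs from the posted config, as predicates over a request dict.
ACLS = {
    "all": lambda r: True,
    "SSL_port": lambda r: r.get("port") == 443,
    "instance_metadata": lambda r: r.get("dst_ip") == "169.254.169.254",
    "allowed_http_sites": lambda r: domain_matches(r.get("host", ""), WHITELIST),
    "allowed_https_sites": lambda r: domain_matches(r.get("sni", ""), WHITELIST),
    "step1": lambda r: r.get("step") == 1,
    "step2": lambda r: r.get("step") == 2,
    "step3": lambda r: r.get("step") == 3,
}

# Rule lists in the order they appear in the posted squid.conf.
HTTP_ACCESS = [
    ("allow", ["SSL_port"]),
    ("deny", ["instance_metadata"]),
    ("allow", ["allowed_http_sites"]),
    ("deny", ["all"]),
]

SSL_BUMP = [
    ("peek", ["step1", "all"]),
    ("peek", ["step2", "allowed_https_sites"]),
    ("splice", ["step3", "allowed_https_sites"]),
    ("terminate", ["step2", "all"]),
    ("terminate", ["all"]),
]


def first_match(rules, request):
    """Squid semantics: a line matches when every ACL on it matches, and the first
    matching line decides. Returns (action, line_index) or (None, None)."""
    for i, (action, acl_names) in enumerate(rules):
        if all(ACLS[name](request) for name in acl_names):
            return action, i
    return None, None


def https_decision(sni, dst_ip="203.0.113.10"):
    """Trace an intercepted TLS connection: http_access on the fake CONNECT first,
    then ssl_bump at each step until a final action (splice/terminate) is reached.
    This is a simplification: real Squid only learns the SNI at step 2 and may also
    use the server certificate name at step 3."""
    req = {"port": 443, "dst_ip": dst_ip, "host": sni, "sni": sni}
    access, _ = first_match(HTTP_ACCESS, req)
    if access != "allow":
        return {"http_access": access, "ssl_bump": []}
    trail = []
    for step in (1, 2, 3):
        action, _ = first_match(SSL_BUMP, dict(req, step=step))
        trail.append(action)
        if action in ("terminate", "splice", "bump"):
            break
    return {"http_access": access, "ssl_bump": trail}


def http_decision(host, port=80, dst_ip="203.0.113.10"):
    """Plain HTTP request: only the http_access list applies."""
    action, _ = first_match(HTTP_ACCESS, {"port": port, "dst_ip": dst_ip, "host": host})
    return action


if __name__ == "__main__":
    for name in ("www.example.com", "intranet.example.org", "www.google.com"):
        print(f"HTTPS {name:24} -> {https_decision(name)}")
        print(f"HTTP  {name:24} -> {http_decision(name)}")
```

Swap the constructed WHITELIST for the real entries from whitelist.txt to check what the posted rule order would do for a specific hostname; if the simulator says "terminate" but curl still gets a page, the connection is most likely not being redirected to the intercept port.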