
Squid proxy configuration for client SSL termination


I would like to get a recommendation on how to configure Squid (latest version) with client SSL termination.

The requirement is to provide proxy access to the internet for the client who has no ability to install a custom CA certificate.

Following the documentation here, it is possible to use HTTPS for the browser-proxy connection the same way as HTTP.

However, the only way to achieve that is to use SSL Interception with a self-signed CA certificate, which cannot work in my case.

Can someone please advise?


Solution

  • If I understand you correctly, you want to replace the client-to-server encryption offered by HTTPS with client-to-proxy encryption followed by proxy-to-server encryption, without a client needing to trust the proxy. If this worked, it would make HTTPS fundamentally insecure, since every man-in-the-middle attacker could just do this. So fortunately it will not work.
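
The certificate check behind this answer can be reproduced with the OpenSSL command line. This is an added example, not part of the original answer: it mints a certificate the way an intercepting proxy would and validates it as a client does, with and without the proxy's CA installed. The CA name "Demo Proxy CA", the hostname www.example.test and the function names are constructed for the illustration.

```bash
#!/usr/bin/env bash
# Added illustration; "Demo Proxy CA" and www.example.test are constructed names.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# What an intercepting proxy does: mint a certificate for the origin's
# hostname, signed by the proxy's own private CA.
mint_intercept_cert() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
    -subj "/CN=Demo Proxy CA" \
    -keyout "$WORK/ca.key" -out "$WORK/ca.crt" 2>/dev/null
  openssl req -newkey rsa:2048 -nodes -subj "/CN=www.example.test" \
    -keyout "$WORK/leaf.key" -out "$WORK/leaf.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/leaf.csr" -days 1 \
    -CA "$WORK/ca.crt" -CAkey "$WORK/ca.key" -CAcreateserial \
    -out "$WORK/leaf.crt" 2>/dev/null
}

# What the client does: try to chain the presented certificate to a root
# it already trusts. $1 is "ca-installed" or "stock-trust-store".
client_verdict() {
  if [ "$1" = "ca-installed" ]; then
    # Client that was able to install the proxy CA as a trust anchor.
    if openssl verify -CAfile "$WORK/ca.crt" "$WORK/leaf.crt" >/dev/null 2>&1
    then echo accepted; else echo rejected; fi
  else
    # Client with only its default trust store, which lacks the proxy CA.
    if openssl verify "$WORK/leaf.crt" >/dev/null 2>&1
    then echo accepted; else echo rejected; fi
  fi
}

mint_intercept_cert
echo "client with proxy CA installed: $(client_verdict ca-installed)"
echo "client with stock trust store:  $(client_verdict stock-trust-store)"
```

The second verdict is the situation in the question: a client that cannot install the CA has no path from the minted certificate to a trusted root, so the handshake is refused.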