> > OK, makes sense. Just wonder why there is certificate
> related ACLs in
> > squid.conf already.

> The certificate ACLs work, and allow you to match specific
> user certificates or user CAs.
> It is just the option to have the request for the client
> certificate delayed until required by acl processing which does not.

Got you know. Thank you for help and great squid.