<html>
  <head>

    <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  </head>
  <body text="#464646" bgcolor="#FFFFFF">
    <br>
    <font face="Arial">Hi, i'm trying to play with acl 
      "server_cert_fingerprint" for splicing websites.<br>
      <br>
      First, get the fingerprint : <br>
      <br>
      openssl s_client -host <a class="moz-txt-link-abbreviated" href="http://www.clubic.com">www.clubic.com</a> -port 443 2> /dev/null |
      openssl x509 -fingerprint -noout<br>
      <br>
      <br>
      # Build the acl <br>
      <br>
      acl TestFinger </font><font face="Arial"><font face="Arial">server_cert_fingerprint
        77:F6:8D:C1:0A:DF:94:8B:43:1F:8E:0E:91:5E:0C:32:42:8B:99:C9<br>
        <br>
      </font></font><font face="Arial"><font face="Arial"><font
          face="Arial"><br>
          #     I want squid to not bump this fingerprint.<br>
          <br>
          acl ssl_step1 at_step SslBump1<br>
          acl ssl_step2 at_step SslBump2<br>
          acl ssl_step3 at_step SslBump3<br>
          ssl_bump peek ssl_step1<br>
          ssl_bump splice TestFinger<br>
          ssl_bump stare ssl_step2 all<br>
          ssl_bump bump all<br>
          <br>
          But browsing on the website still receive squid certificate
          and not the original one.<br>
          Seems TestFinger Acls did not matches in any case<br>
          <br>
          Did i'm wrong somewhere ?<br>
          <br>
          <br>
          Regards.<br>
          <br>
          <br>
        </font></font></font>
  </body>
</html>