On 29/01/2014 9:26 p.m., m.shahverdi_at_ece.ut.ac.ir wrote:
> For example I searched something in "https://www.google.com" and
> access.log is as below:
>
> 1390982819.881 651 10.1.116.50 TCP_MISS/200 855 POST
> http://clients1.google.com/ocsp - HIER_DIRECT/216.239.32.20
> application/ocsp-response
These are HTTP requests for OCSP certificate information *about* HTTPS
clients/servers. It is not HTTPS traffic.
It is one of the more nasty oddities of SSL/TLS that it requires working
un-encrypted HTTP connectivity to fetch certificate verification
information :-(.
The HTTPS "GET https://www.google.com ..." part is going through a
different connection encrypted on port 443.
Amos
Received on Wed Jan 29 2014 - 08:36:03 MST
This archive was generated by hypermail 2.2.0 : Wed Jan 29 2014 - 12:00:06 MST