On 29/01/2014 9:26 p.m., m.shahverdi@xxxxxxxxxxxx wrote: > For example I searched something in "https://www.google.com"; and > access.log is as below: > > 1390982819.881 651 10.1.116.50 TCP_MISS/200 855 POST > http://clients1.google.com/ocsp - HIER_DIRECT/216.239.32.20 > application/ocsp-response These are HTTP requests for OCSP certificate information *about* HTTPS clients/servers. It is not HTTPS traffic. It is one of the more nasty oddities of SSL/TLS that it requires working un-encrypted HTTP connectivity to fetch certificate verification information :-(. The HTTPS "GET https://www.google.com ..." part is going through a different connection encrypted on port 443. Amos
