Hey guys
Is there any possibility to increase the ttl for some checks like SSL certificate checks? The Socket timeout from 10 seconds is too short for us.
Greetz
Ovrld
1 Like
10 seconds to short for cert check?
Certificate checks must be nearly instant as this is the first thing your webserver delivers.
There is no payload it is only the handshake.
I have a “CRITICAL - Socket timeout after 10 seconds” on a system with ping from 15 seconds.
Oh alien spaceship behind the moon 
- sorry to the moon an back you only need 3 seconds RTT.
If you have 15 seconds ping time then something is completely broken.
The 10 second timeout is that you get no socket connection after 10 seconds. That means for myself the host is not reachable.
1 Like
The problem is Online Certificate Status Protocol stapling (OCSP) - with that it takes sometimes over 10 seconds
Sure that the check uses OCSP stapling and not “normal” OCSP?
If it is OCSP stapling then your check don’t need to do something else the OCSP response is already included in the responses with the certificate.
Short article about this problem, also the high response times
https://www.ssl.com/article/page-load-optimization-ocsp-stapling/
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.