Extra request to rapidssl

DmitriiKustov · December 31, 2014, 9:26pm

Hello. I’ve noticed that whenever i run a test by firefox or firefox nightly to https protocol website, test result waterfall has a request to http://rapidssl-ocsp.geotrust.com/

As far as i know the target first time byte is calculated, based on times of first request, therefore giving wrong results.

here is an example:
http://www.webpagetest.org/result/141231_1T_XPJ/1/details/

webpagetest says that expected FTB is 87ms, although it should be 173ms(SSL)+3*76ms(connect time) = 401ms.
or
28ms(DNS)+173ms(SSL)+76ms(connect)+100ms=377ms.

But surely not 87ms.

This messes up a lot of results, and, from client point of view, shows that optimizations made load times worse (judging by grades). Which is not cool.

If i’m missing a part of brain - please, advise

Thanks.

pmeenan · January 15, 2015, 8:16pm

Sorry, you’re correct - that’s a bug. I opened an issue to track it: TTFB incorrect when OCSP/CRL checks are done · Issue #383 · WPO-Foundation/webpagetest · GitHub

That said, you should be using ocsp certificate stapling so the browser doesn’t have to make the external request to check the certificate.

Topic		Replies	Views
What is Firefox request to ocsp.int-x3.letsencrypt.org and similar Optimization Discussions	2	226	January 17, 2018
Time Delay Between DNS Reply and FirstByte Discuss Test Results	2	124	February 24, 2015
KeepAlive over HTTPS fails Discuss Test Results	2	112	January 16, 2017
SSL negotiation time Support	6	120	April 17, 2012
Couldn't understand formula for Target first byte Time. Discuss Test Results	2	137	August 25, 2017

Extra request to rapidssl

Related topics