Dear Forum
We asked about this already a year ago, but we still have not found a proper solution. WebPageTest Forums
Our Server is completely up-to-date. Qualsys gives us an A+ and likes TLS 1.3 We even have HTTP2 running… Testing from the US or Europe does not make a difference either.
To obtain a grade A here, we have to strip the intermediate Letsencrypt certificate, but - in doing so - Qualsys will then complain. With a full certificate Qualsys is happy, but here, we get a B.
Grade A :: ~400 ms :: [Stripped with just the first certificate]
-----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgISBMS6zrlqkiTZjNc5rlVXhjhbMA0GCSqGSIb3DQEBCwUA
*** 33 lines in between ***
4V/GVuFPm3bQLHl8kzk=
-----END CERTIFICATE-----
Grade B :: ~800 ms [Not stripped with first and intermediate certificate]
----BEGIN CERTIFICATE-----
MIIGajCCBVKgAwIBAgISBMS6zrlqkiTZjNc5rlVXhjhbMA0GCSqGSIb3DQEBCwUA
*** 33 lines in between ***
4V/GVuFPm3bQLHl8kzk=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIEkjCCA3qgAwIBAgIQCgFBQgAAAVOFc2oLheynCDANBgkqhkiG9w0BAQsFADA/
*** 23 lines in between ***
KOqkqm57TH2H3eDJAkSnh6/DNFu0Qg==
-----END CERTIFICATE-----
Does anybody know how the have an A (for First Byte Time) here and an A+ with Qualsys at the same time - using Letsencrypt? Thanks so much.
Dennis
I think it’s a bug but would have to check the code to be sure
Looking at the waterfalls it seem WPT seems to be interpreting the intermediate cert coming from LetsEncrypt as the TTFB for the test, rather than using the TTFB from the origin
Hi Andy,
Yes, it would be great if that bug could be fixed for us “LetsEncrypters”. The Server and its data center has everything “On Steroids”; and, as such, should score an A here. (Which it does without the intermediate certificate).
A newer test with a new (full) LetsEncrypt certificate - scoring B only:
Please let me know when this is fixed. Thanks so kindly.
Dennis
While the LetEncrypt issue is a pain and gives results that credit a site with being faster than it is
The real challenge you’ve got is the TTFB for your site is really 700ms+ and fixing the LetEcrypt issue won’t change that
Hi Andy,
However; without the intermediate certificate, we get ~400! and 'A"!
Would you like me to attach such test result?
Thanks
Dennis
Anybody? Due to the setup of our infrastructure - and being right on the back-bone, we should get the best possible scores here.
The fundamental problem is the time it takes for your site to serve the html response.
In the tests you attached at the top, there’s ~500ms between the time the browser sends the request and when it first gets a response back (look at the light and dark blue parts of the bar in the waterfall)
You need to look at why this is taking as long as it is
Also as it looks like you’re based in Germany, I’d test with one of the German locations (probably AWS Frankfurt) to eliminate the transatlantic latency