The following warnings occurred:
Warning [2] count(): Parameter must be an array or an object that implements Countable - Line: 802 - File: showthread.php PHP 7.2.19-0ubuntu0.18.04.2 (Linux)
File Line Function
/showthread.php 802 errorHandler->error



Current time: 09-21-2019, 09:01 PM Hello There, Guest! (LoginRegister)

Post Reply 
 
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Using LetsEncrypt Certificates Properly doubles First Byte Time
04-12-2019, 09:49 PM
Post: #1
Using LetsEncrypt Certificates Properly doubles First Byte Time

Dear Forum,

We are using LetsEncrypt Lego SSL certificates and testing our websites with WebPageTest.org. After repeatedly testing we have concluded that we get a "B" and "820 ms First Byte Time" if we provide our own plus the LetsEncrypt's Intermediate Certificate "Let’s Encrypt Authority X3 (IdenTrust cross-signed)" https://letsencrypt.org/certs/lets-encry...ed.pem.txt

However, if we cut out the intermediate certificate, we get an "A" and "432 ms First Byte Time". So, by not providing an intermediate certificate, we can show a better result to our clients. However, a test like Qualys SSL Labs complains with "This server's certificate chain is incomplete. Grade capped to B."

What is the right thing to do here? A with WebPageTest.org or A with Qualys?

We are using our own server with the newest versions of Apache/OpenSSL/Lego, and loading the certificates like:

SSLCertificateFile "/htdocs/admin/lego/certificates/$hostname.crt"
SSLCertificateKeyFile "/htdocs/admin/lego/certificates/$hostname.key"

We would like have an A with both tests. :-)


Is this possible? Thanks for any suggestions.

Dennis
Find all posts by this user
Quote this message in a reply
Post Reply 


Messages In This Thread
Using LetsEncrypt Certificates Properly doubles First Byte Time - Dennis The Menace - 04-12-2019 09:49 PM

Forum Jump:


User(s) browsing this thread: 1 Guest(s)