
Monitoring SSL/TLS Certificate OCSP Response Unavailability

Adding SSL/TLS Certificate Sensor

  1. Log in to your PRTG Network Monitor dashboard.
  2. Navigate to the "Devices" tab and select the device hosting the SSL/TLS certificate you want to monitor.
  3. Click on "Add Sensor" and search for the "SSL Certificate" sensor type.
  4. Select the sensor and specify the target SSL/TLS certificate by entering its hostname or IP address.
  5. Configure additional settings such as scanning intervals and warning/error thresholds.
  6. Click "Create" to add the sensor to your monitoring setup.

Configuring OCSP Response Monitoring

  1. After adding the SSL/TLS certificate sensor, locate it in the device's sensor list.
  2. Click on the sensor to open its settings.
  3. Scroll down to the "Security" section and enable the "OCSP Stapling" option.
  4. Provide the necessary OCSP responder URL(s) for the monitored certificate(s).
  5. Save the settings to apply the OCSP response monitoring configuration.

Setting Up Notifications

  1. Proceed to the "Notifications" tab in the main menu.
  2. Click on "Add Notification" to create a new notification rule.
  3. Choose your preferred notification method (email, SMS, etc.).
  4. Define conditions for triggering notifications, such as when the OCSP response is unavailable or the certificate validity status changes.
  5. Specify recipients who should receive the notifications.
  6. Save the notification rule.

Monitoring and Troubleshooting

  1. Monitor the status of SSL/TLS certificate OCSP responses in real time on the PRTG dashboard.
  2. Receive notifications promptly if OCSP responses become unavailable or indicate certificate validation issues.
  3. Investigate the root cause of OCSP response unavailability using PRTG's diagnostic tools, such as packet capture and log analysis.
  4. Take appropriate actions to resolve issues, such as verifying OCSP responder availability or updating certificate configurations.
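
When investigating an alert, it helps to cross-check the server independently of the sensor. The following is an added example, not part of PRTG or of the original article: it classifies the text printed by `openssl s_client -status` for a host. The function names, the severity mapping and the sample captures are assumptions constructed for illustration.

```python
import re
import sys
from datetime import datetime, timezone

# Constructed sample captures of `openssl s_client -status` output (trimmed).
SAMPLE_STAPLED = """\
OCSP response:
OCSP Response Data:
    OCSP Response Status: successful (0x0)
    Cert Status: good
    This Update: Mar  4 09:00:00 2024 GMT
    Next Update: Mar 11 09:00:00 2024 GMT
"""
SAMPLE_MISSING = "CONNECTED(00000003)\nOCSP response: no response sent\n"

def _field(text, name):
    """Return the value of an indented 'Name: value' line, or None."""
    m = re.search(rf"^[ \t]*{re.escape(name)}:[ \t]*(\S.*?)[ \t]*$", text, re.MULTILINE)
    return m.group(1) if m else None

def classify_ocsp(text, now):
    """Map one capture to (severity, reason); severity is ok, warning or error.
    The mapping is an assumption of this example; adjust it to your own policy."""
    if "OCSP response: no response sent" in text:
        return "warning", "no stapled OCSP response"
    status = _field(text, "OCSP Response Status")
    if status is None:
        return "error", "no OCSP data in capture"
    if not status.startswith("successful"):
        return "error", f"responder status: {status}"
    cert = _field(text, "Cert Status")
    if cert != "good":
        return "error", f"certificate status: {cert}"
    nxt = _field(text, "Next Update")
    if nxt:
        # OpenSSL prints these timestamps in GMT, e.g. "Mar 11 09:00:00 2024 GMT".
        expiry = datetime.strptime(nxt, "%b %d %H:%M:%S %Y GMT").replace(tzinfo=timezone.utc)
        if expiry <= now:
            return "warning", f"stapled response expired at {nxt}"
    return "ok", "stapled response is good and current"

if __name__ == "__main__":
    # Usage (script name is hypothetical):
    #   openssl s_client -connect HOST:443 -servername HOST -status </dev/null 2>/dev/null \
    #     | python3 ocsp_check.py
    print(*classify_ocsp(sys.stdin.read(), datetime.now(timezone.utc)), sep=": ")
```

A stale "Next Update" is reported separately from a missing staple because it usually points at the server failing to refresh its cached response rather than at stapling being disabled.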

Optimization and Fine-Tuning

  1. Regularly review monitoring thresholds and adjust them as needed to ensure accurate detection of OCSP response issues.
  2. Fine-tune notification rules based on feedback and evolving security requirements.
  3. Consider implementing additional security measures, such as certificate revocation checking and certificate expiration alerts, to enhance overall security posture.

With PRTG Network Monitor, you can effectively monitor the availability of SSL/TLS certificate OCSP responses, ensuring the integrity and security of your network communications. By following the steps outlined in this manual, you can proactively identify and address potential certificate validation issues, minimizing the risk of security breaches and ensuring the uninterrupted operation of your network services.
