Adding SSL/TLS Certificate Sensor

1. Log in to your PRTG Network Monitor dashboard.
2. Navigate to the "Devices" tab and select the device hosting the SSL/TLS certificate you want to monitor.
3. Click on "Add Sensor" and search for the "SSL Certificate" sensor type.
4. Select the sensor and specify the target SSL/TLS certificate by entering its hostname or IP address.
5. Configure additional settings such as scanning intervals and warning/error thresholds.
6. Click "Create" to add the sensor to your monitoring setup.

Configuring OCSP Response Monitoring

1. After adding the SSL/TLS certificate sensor, locate it in the device's sensor list.
2. Click on the sensor to open its settings.
3. Scroll down to the "Security" section and enable the "OCSP Stapling" option.
4. Provide the necessary OCSP responder URL(s) for the monitored certificate(s).
5. Save the settings to apply the OCSP response monitoring configuration.

Setting Up Notifications

1. Proceed to the "Notifications" tab in the main menu.
2. Click on "Add Notification" to create a new notification rule.
3. Choose your preferred notification method (email, SMS, etc.).
4. Define conditions for triggering notifications, such as when OCSP responses fail or indicate certificate validation issues.
5. Specify recipients who should receive the notifications.
6. Save the notification rule.

Monitoring and Troubleshooting

1. Monitor the status of SSL/TLS certificate OCSP responses in real-time on the PRTG dashboard.
2. Receive notifications promptly if OCSP responses indicate issues or certificate validation failures.
3. Investigate the root cause of OCSP response issues using PRTG's diagnostic tools, such as packet capture and log analysis.
4. Take appropriate actions to resolve issues, such as verifying OCSP responder availability, checking certificate configurations, or addressing network connectivity problems.

Optimization and Fine-Tuning

1. Regularly review monitoring thresholds and adjust them as needed to ensure accurate detection of OCSP response issues.
2. Fine-tune notification rules based on feedback and evolving security requirements.
3. Consider implementing additional security measures, such as certificate revocation checking and certificate expiration alerts, to enhance overall security posture.

By following the steps outlined in this manual, you can effectively utilize PRTG Network Monitor to monitor SSL/TLS certificate OCSP response issues and maintain the security and integrity of your network communications. Proactive monitoring, timely notifications, and thorough troubleshooting are essential for addressing certificate validation issues and ensuring a secure network environment.