Execution problems
      Back to home
      1. Knowledge Base
      2. Scripts
      3. Execution problems

      OCSP Requests

      Loading the AD module takes longer than average

      Troubleshooting

      Use the Processs Monitor for troubleshooting

      • system DLLs are loaded when the AD module is started in the SRXPSHost.exe process
      • search the timeline for SRXPSHost.exe process where the time loss occurs
      • view the detailed activities in the relevant time period, what is loaded, what is called via the network
        → OCSP requests are on the certificate revocation list (expired certificates)
      • (Optional) Call URL in browser and check what comes back

      Solution

      • Allow OCSP requests / https request on certificate revocation list. 

      Alternative solution

      • Use internal OCSP resolver. Infrastructure must be designed for this.
      • Bypass proxies between ScriptRunner server and the Internet for system requests or impersonated processes. When using proxies, the OS of the ScriptRunner Server must enter the system-level proxies and impersonations via GPO or manually.