Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

OCSP Service using up quite a bit of bandwidth

I have been tracking down an issue regarding our ISP bandwidth usage (very high).


I believe I have found an issue with the OCSP daemon (ocspd) using up quite a bit of bandwidth for no apparent reason - my initial tests seem to show that this daemon, under Mavericks, is using about 100MB of download bandwidth per day (approx 3GB per month). This is huge considering that this process is meant to cache retrieved results (assuming of course it is getting results).


As a further test, I had 2 Macs running Mavericks and 1 running ML overnight, with all machines running RubberNet to monitor per process bandwidth.

On both Mav machines, the ocspd daemon used up the traffic as per above but ML used no bandiwdth for the same process.


The implications here is that users with bandwidth limited connections (e.g. Satallite or Mobile) will use up much of their allowance when at idle hence my interest.


Can someone verify these findings?


Just a wild thought: Perhaps because the keychain is now sent to iCloud in Mav, I wonder if the certificates are being checked more often for security reasons.


Thanks

Emlyn

iMac, OS X Mavericks (10.9)

Posted on Nov 10, 2013 5:48 AM

Reply
130 replies

Mar 5, 2015 7:40 AM in response to emlynuk

Found this thread today, and I'm writing just to report that I'm having the same problem: I have to kill this connection

ocspd 55471 root 9u IPv4 0xffffff800cbcc6c0 0t0 TCP 192.168.8.101:54743->2.18.240.210:http (ESTABLISHED)

since it was downloading a large amount of data (hundreds of MB) (and I pay for every MB :/)


Date: March 5th, 2015

OS: Mac OS X 10.7.5 (build 11G63b)


I think that OS should have more options to control and turn off "auto-downloading" and "syncing" features when you are using a pay-per-use connection.

Jun 22, 2015 9:37 AM in response to Mik B

I has same issue. I disabled OCSP and CRL.

But I found a connection under com.apple.WebKit.WebContent process for ip 91.121.43.224. It uses 2 MB per minutes.

After creating a rule for denying access this connection, I terminated it and after some few seconds it re-appeared under com.apple.WebKit.Networking process and com.apple.WebKit.WebContent process.

At final I disabled it from accessing internet and I restarted Safari and anything is GOOOD! 🙂

Aug 30, 2015 6:43 AM in response to emlynuk

I came across this problem in a virtual OS X machine. Apart from the heavy bandwidth usage it also had the symptom of invalid certificates e.g. when checking for Little Snitch updates.

When surfing with safari it complained the certificates were not valid yet. The reason for that was that the system clock was way off (about one year). When I opened up the time settings the clock set itself via NTP and the certificate issue was gone.

In case of satellite systems that lack a NTP server this may be a possible reason for the ocspd problem?

Mar 1, 2016 10:33 AM in response to byronpk

Noticed the link to web archive was broken - here's a fixed URL:


http://web.archive.org/web/20141228212733/http://www.ellenburg.org/index.php/201 3/10/23/osx-10-9-mavericks-appstore-issu…


Huge thanks to all who investigated this - here in Ethiopia I pay nearly $60 for 8GB and if I overrun it costs about $20 a GB. Apple seems to think we all have limitless data and money. I'd gratefully switch back to Windows in a heartbeat if I didn't need Linux for work. Little Snitch has paid for itself many, many times over.


I caught ocspd downloading from dev-images.cdn.apple.com. I killed the connection after 80MB (by pulling out the 3G device) then blocked ocspd in Little Snitch, and have now also disabled ocspd and crl in Keychain Prefs / Certificates. I thought I'd blocked everything apple.com in hosts, but it is subdomain specific - now looking at dnsmasq https://passingcuriosity.com/2013/dnsmasq-dev-osx/ .

OCSP Service using up quite a bit of bandwidth

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.