Skip to content
TLSCheck

Configuration

Environment Variables

Section titled “Environment Variables”

The API service can be configured using the following environment variables:

VariableDefaultDescription
PORT3000HTTP server port
HOST::Host to bind to (supports IPv6)
LOG_LEVELinfoLogging level (debug, info, warn, error)
REQUEST_TIMEOUT_MS8000Timeout for certificate fetch requests
RATE_LIMIT_WINDOW_MS60000Rate limit window in milliseconds
RATE_LIMIT_MAX30Maximum requests per rate limit window
MAX_BODY_BYTES4096Maximum request body size
REVOCATION_MODEocspRevocation check mode: ocsp, crl, or off
CACHE_TTL_MS1800000Cache TTL in milliseconds (default: 30 minutes)
APP_VERSIONdevApplication version string
METRICS_ENABLEDfalseEnable metrics endpoint
METRICS_API_KEY-API key required to access metrics endpoint

Running from Source

Section titled “Running from Source”

Development Mode

Section titled “Development Mode”
Terminal window
npm run start:api:ts

Production Build

Section titled “Production Build”
Terminal window
npm run build:api
npm run start:api

Configuration Example

Section titled “Configuration Example”
Terminal window
# Set custom port and enable verbose logging
export PORT=8080
export LOG_LEVEL=debug


# Configure caching (10 minutes)
export CACHE_TTL_MS=600000


# Disable revocation checks
export REVOCATION_MODE=off


# Run the API
npm run start:api

API Configuration Endpoint

Section titled “API Configuration Endpoint”

The API exposes a public configuration endpoint at GET /api/config that returns:

{
  "cacheTtlMs": 1800000,
  "revocationMode": "ocsp"
}

This endpoint is used by the extension to fetch cache settings and revocation mode.

Metrics Endpoint

Section titled “Metrics Endpoint”

The API exposes a metrics endpoint at GET /api/metrics when enabled.

Enabling Metrics

Section titled “Enabling Metrics”
Terminal window
export METRICS_ENABLED=true
export METRICS_API_KEY=your-secret-key

Accessing Metrics

Section titled “Accessing Metrics”
Terminal window
curl -H "X-API-Key: your-secret-key" http://localhost:3000/metrics

Response Example

Section titled “Response Example”
{
  "totalRequests": 150,
  "successfulRequests": 145,
  "failedRequests": 5,
  "cacheHits": 80,
  "cacheMisses": 70,
  "cacheHitRate": 53.33,
  "revocationChecks": 70,
  "revocationGood": 65,
  "revocationRevoked": 3,
  "revocationErrors": 1,
  "revocationUnsupported": 1,
  "revocationGoodRate": 92.86,
  "revocationRevokedRate": 4.29,
  "averageResponseTimeMs": 245,
  "uptimeSeconds": 3600,
  "startedAt": "2026-03-04T12:00:00.000Z",
  "requestsByStatus": {
    "200": 145,
    "502": 5
  },
  "requestsByError": {
    "certificate_fetch_error": 5
  }
}

Metrics Description

Section titled “Metrics Description”
MetricDescription
totalRequestsTotal number of requests
successfulRequestsRequests that returned 200 OK
failedRequestsRequests that returned errors
cacheHitsRequests served from cache
cacheMissesRequests that required new certificate fetch
cacheHitRatePercentage of requests served from cache
revocationChecksTotal revocation checks performed
revocationGoodCertificates with “good” revocation status
revocationRevokedCertificates marked as revoked
revocationErrorsRevocation check errors
revocationUnsupportedCertificates without revocation info
averageResponseTimeMsAverage response time in milliseconds
uptimeSecondsTime since API started
requestsByStatusRequests grouped by HTTP status code
requestsByErrorFailed requests grouped by error type