# Performance Impact This health check identifies roles where `no_store` is explicitly set to `false`, which can lead to performance degradation if certificate volumes are high and CRL auto-rebuilding is not enabled. **Health Check Name: `role_no_store_false`** #### **Accessed APIs** | Method | Endpoint | Description | | ------ | -------------- | -------------------------------------------- | | LIST | `/roles` | Lists all configured roles. | | READ | `/roles/:name` | Reads the configuration for a specific role. | | LIST | `/certs` | Lists all certificates issued. | | READ | `/config/crl` | Reads the CRL configuration. | #### **Configuration Parameters** | Parameter | Type | Default | Description | | --------------- | ---- | ------- | ------------------------------------------------------- | | `allowed_roles` | list | `nil` | A list of role names to exclude from this health check. | #### **Health Check Results** | Check Criteria | Description | | ---------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `no_store=false` | If a role has `no_store` explicitly set to `false`, vHSM issues a warning. This can negatively impact performance, especially when managing a large number of certificates and when CRL auto-rebuilding is not enabled. | #### **Recommended Actions** * Update non-ACME roles to use `no_store=false`.\ **Note:** ACME roles must have `no_store=true`. * Set certificate lifetimes as short as possible to reduce the load on CRL and storage systems. * Use Bring Your Own Certificate (BYOC) revocations to revoke certificates proactively when necessary.