I need to use nginx with client validation. Lots of good info about that. But I need to ensure that nginx verifies the certificate has not been revoked through CRL or OCSP checking. Is that part of ssl_verify_client on ? How can I specify a cached CRL location? --woody Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271910,271910#msg-271910