diff --git a/phase4-peppol-server-webapp/src/main/java/com/helger/phase4/peppol/server/servlet/Phase4PeppolWebAppListener.java b/phase4-peppol-server-webapp/src/main/java/com/helger/phase4/peppol/server/servlet/Phase4PeppolWebAppListener.java
index e4cac4ced..488dde77e 100644
--- a/phase4-peppol-server-webapp/src/main/java/com/helger/phase4/peppol/server/servlet/Phase4PeppolWebAppListener.java
+++ b/phase4-peppol-server-webapp/src/main/java/com/helger/phase4/peppol/server/servlet/Phase4PeppolWebAppListener.java
@@ -290,7 +290,8 @@ private static void _initPeppolAS4 ()
 // Check if the certificate is really a Peppol AP certificate - fail early
 // if something is misconfigured
- // No CRL/OCSP check for performance
+ // * Do not cache result
+ // * Use the global checking mode or provide a new one
 final boolean bPerformOCSP = true;
 final EPeppolCertificateCheckResult eCheckResult = PeppolCertificateChecker.checkPeppolAPCertificate (aAPCert,
 MetaAS4Manager.getTimestampMgr ()
diff --git a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java
index fd1b0f7b5..8f8905579 100644
--- a/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java
+++ b/phase4-peppol-servlet/src/main/java/com/helger/phase4/peppol/servlet/Phase4PeppolServletMessageProcessorSPI.java
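Review bot: In Phase4PeppolWebAppListener._initPeppolAS4 the rewritten comment no longer says anything about revocation, yet the unchanged line `final boolean bPerformOCSP = true;` sits directly beneath it. The call's remaining arguments are outside the hunk, so it is not visible whether that flag is still passed; if it is not, the local should be removed, and if it is, the comment should say that revocation is checked. The second bullet also reads as an instruction rather than a description; something like `// * Revocation checking follows the global certificate check mode` states what this call actually does. The matching bullets in ServletConfig.java are worded differently (`// * No caching`), and one phrasing across both files would make the startup checks easier to compare.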
@@ -604,9 +604,11 @@ public AS4MessageProcessorResult processAS4UserMessage (@Nonnull final IAS4Incom
 if (getCheckSigningCertificateRevocation ().getAsBooleanValue (Phase4PeppolServletConfiguration.isCheckSigningCertificateRevocation ()))
 {
- // Check if signing certificate is revoked
 final OffsetDateTime aNow = MetaAS4Manager.getTimestampMgr ().getCurrentDateTime ();
 final X509Certificate aSenderCert = aState.getUsedCertificate ();
+ // Check if signing AP certificate is revoked
+ // * Use global caching setting
+ // * Use global certificate check mode
 final EPeppolCertificateCheckResult eCertCheckResult = PeppolCertificateChecker.checkPeppolAPCertificate (aSenderCert,
 aNow,
 ETriState.UNDEFINED,
diff --git a/phase4-spring-boot-demo/src/main/java/com/helger/phase4/springboot/servlet/ServletConfig.java b/phase4-spring-boot-demo/src/main/java/com/helger/phase4/springboot/servlet/ServletConfig.java
index aeddb0051..3098bae23 100644
--- a/phase4-spring-boot-demo/src/main/java/com/helger/phase4/springboot/servlet/ServletConfig.java
+++ b/phase4-spring-boot-demo/src/main/java/com/helger/phase4/springboot/servlet/ServletConfig.java
@@ -177,6 +177,9 @@ private static void _initPeppolAS4 ()
 // TODO This block SHOULD be uncommented once you have a Peppol certificate
 if (false)
 {
+ // Check that your Peppol AP certificate is valid
+ // * No caching
+ // * Use global certificate check mode
 final EPeppolCertificateCheckResult eCheckResult = PeppolCertificateChecker.checkPeppolAPCertificate (aAPCert,
 MetaAS4Manager.getTimestampMgr ()
 .getCurrentDateTime (),
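Review bot: The new bullets in processAS4UserMessage explain what `ETriState.UNDEFINED` selects, but not what that means on the receive path: with the global cache enabled, the revocation result for a sender certificate may come from an earlier lookup. I would spell that out, for example `// * Use global caching setting (a cached result may predate a revocation)`, so operators know that the cache lifetime bounds how quickly a revoked AP certificate is rejected. How the cache is keyed and expired is not visible in this hunk, so the wording needs confirming against the checker. The call's remaining arguments continue past the end of the hunk.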