diff --git a/ex1/Makefile b/ex1/Makefile
index a01df18..a7fccdc 100644
--- a/ex1/Makefile
+++ b/ex1/Makefile
@@ -4,5 +4,8 @@ LDLIBS += -ltls -lssl -lcrypto
 all: client server
+client: client.o report_tls.o
+ $(CC) $(CFLAGS) -o client client.o report_tls.o $(LDLIBS)
+
 clean:
 /bin/rm -f client server *.o
diff --git a/ex1/client.c b/ex1/client.c
index 1c5f402..ff8d2b4 100644
--- a/ex1/client.c
+++ b/ex1/client.c
@@ -32,6 +32,7 @@
 #include
 #include
+extern void report_tls(struct tls * tls_ctx, char * host);
 static void usage()
@@ -91,6 +92,10 @@ int main(int argc, char *argv[])
 errx(1, "unable to allocate TLS config");
 if (tls_config_set_ca_file(tls_cfg, "../CA/root.pem") == -1)
 errx(1, "unable to set root CA file");
+#if 0
+ if (tls_config_set_crl_file(tls_cfg, "../CA/intermediate/crl/intermediate.crl.pem") == -1)
+ errx(1, "unable to set crl file");
+#endif
 /* ok now get a socket. we don't care where... */
 if ((sd=socket(AF_INET,SOCK_STREAM,0)) == -1)
@@ -115,6 +120,8 @@ int main(int argc, char *argv[])
 tls_error(tls_ctx));
 } while (i == TLS_WANT_POLLIN || i == TLS_WANT_POLLOUT);
+ report_tls(tls_ctx, "localhost");
+
 /*
 * finally, we are connected. find out what magnificent wisdom
 * our server is going to send to us - since we really don't know
diff --git a/ex1/server.c b/ex1/server.c
index 0a34d41..9640c66 100644
--- a/ex1/server.c
+++ b/ex1/server.c
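Review bot: The prototype `extern void report_tls(struct tls * tls_ctx, char * host);` is declared ad hoc in client.c instead of in a header shared with the file that defines it, so the declaration and the definition can drift apart without any compiler diagnostic. The only call site visible in this diff passes a string literal, so the parameter should be `const char *host`: `extern void report_tls(struct tls *tls_ctx, const char *host);` documents that the callee does not write through it and avoids the literal-to-non-const warning under -Wwrite-strings. Moving the declaration into a report_tls.h included by both client.c and report_tls.c is the conventional fix.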
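Review bot: The CRL setup added after the CA file is compiled out with a bare `#if 0`, so the client performs no revocation check of its own and nothing in the hunk says why. As far as I recall libtls does not fail a handshake when the server sends no OCSP staple unless `tls_config_ocsp_require_stapling(tls_cfg);` is called, so a server presenting a revoked certificate without a staple would still be accepted; if this exercise relies on stapling for revocation, that call belongs next to the CA file setup — TODO confirm against the libtls version in use. At minimum replace the bare `#if 0` with a comment stating the intent, e.g. `/* CRL checking disabled: revocation is exercised via OCSP stapling instead */`. main continues outside the hunk.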
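Review bot: `report_tls(tls_ctx, "localhost");` hard-codes the host name, while main takes argc/argv and a usage() function exists, which suggests the connection target comes from the command line; if report_tls uses this value to check the peer's name, the check is only meaningful when the target really is localhost — TODO confirm what report_tls does with host. Pass the same host string that was used to connect rather than a literal. Also, report_tls is declared void, so whatever it finds cannot stop the client from going on to read from the server; if it is meant to enforce anything rather than just print, it should return a status that main checks before continuing. main's body starts and ends outside this hunk.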
@@ -97,10 +97,21 @@ int main(int argc, char *argv[])
 errx(1, "unable to allocate TLS config");
 if (tls_config_set_ca_file(tls_cfg, "../CA/root.pem") == -1)
 errx(1, "unable to set root CA filet");
+#if 1
 if (tls_config_set_cert_file(tls_cfg, "../CA/server.crt") == -1)
 errx(1, "unable to set TLS certificate file");
 if (tls_config_set_key_file(tls_cfg, "../CA/server.key") == -1)
 errx(1, "unable to set TLS key file");
+ if (tls_config_set_ocsp_staple_file(tls_cfg, "../CA/server.crt-ocsp.der") == -1)
+ errx(1, "unable to set OCSP staple file");
+#else
+ if (tls_config_set_cert_file(tls_cfg, "../CA/revoked.crt") == -1)
+ errx(1, "unable to set TLS certificate file");
+ if (tls_config_set_key_file(tls_cfg, "../CA/revoked.key") == -1)
+ errx(1, "unable to set TLS key file");
+ if (tls_config_set_ocsp_staple_file(tls_cfg, "../CA/revoked.crt-ocsp.der") == -1)
+ errx(1, "unable to set OCSP staple file");
+#endif
 if ((tls_ctx = tls_server()) == NULL)
 errx(1, "tls server creation failed");
 if (tls_configure(tls_ctx, tls_cfg) == -1)
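Review bot: The OCSP staple set by `tls_config_set_ocsp_staple_file(tls_cfg, "../CA/server.crt-ocsp.der")` is read once at startup and never refreshed, so a server left running past the response's nextUpdate keeps sending a stale staple that a client requiring stapling will reject. That is acceptable for an exercise, but it deserves a comment such as `/* staple loaded once; valid only until the OCSP response's nextUpdate */`. Separately, the `#if 1`/`#else` pair duplicates the three configuration calls to choose between the good and revoked credentials at compile time; selecting the paths at run time, for example from an environment variable, removes the duplication and lets the revoked case be tested without rebuilding — sketched below, assuming stdlib.h is already included. main continues outside the hunk.
```c
	/* choose credentials at run time; default to the good pair */
	const char *cert = "../CA/server.crt", *key = "../CA/server.key",
	    *staple = "../CA/server.crt-ocsp.der";
	if (getenv("TLS_USE_REVOKED") != NULL) {
		cert = "../CA/revoked.crt";
		key = "../CA/revoked.key";
		staple = "../CA/revoked.crt-ocsp.der";
	}
	if (tls_config_set_cert_file(tls_cfg, cert) == -1)
		errx(1, "unable to set TLS certificate file");
	if (tls_config_set_key_file(tls_cfg, key) == -1)
		errx(1, "unable to set TLS key file");
	/* staple loaded once; valid only until the OCSP response's nextUpdate */
	if (tls_config_set_ocsp_staple_file(tls_cfg, staple) == -1)
		errx(1, "unable to set OCSP staple file");
	/* … unchanged: tls_server() / tls_configure() … */
```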