Hi, according to the documentation file referenced by ssl_ca must contain the Client certificate CA and the corresponding CRL. Thus dovecot would have to receive SIGHUP to reload a new CRL. Did I understand this correctly? Regards, Matthias-Christian