diff --git a/FitConnect/Encryption/CertificateHelper.cs b/FitConnect/Encryption/CertificateHelper.cs
index 4b773602bdc9700bbd9bcf299f5054242ab837ec..c0c702e69645aaae53dd6a176a8835a21907ed71 100644
--- a/FitConnect/Encryption/CertificateHelper.cs
+++ b/FitConnect/Encryption/CertificateHelper.cs
@@ -22,6 +22,7 @@ public class CertificateHelper {
         X509Certificate2? root = null) {
         var certificates = key.X5c.Select(s => new X509Certificate2(Convert.FromBase64String(s)))
             .ToList();
+        // root ??= new X509Certificate2(Convert.FromBase64String(key.X5t));
 
         _logger?.LogTrace("Found {Count} certificate(s)", certificates.Count);
 
@@ -30,7 +31,7 @@ public class CertificateHelper {
                               && ValidateCertificate(cert, out _,
                                   root,
                                   logLevel)
-                              && cert.Verify()
+            //&& cert.Verify()
         );
         return valid;
     }
@@ -48,10 +49,7 @@ public class CertificateHelper {
             certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
             certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
             certificateChain.ChainPolicy.DisableCertificateDownloads = true;
-            certificateChain.ChainPolicy.VerificationFlags =
-                X509VerificationFlags.IgnoreRootRevocationUnknown |
-                X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown |
-                X509VerificationFlags.IgnoreCtlSignerRevocationUnknown;
+            certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags;
             _logger?.LogDebug("Using custom root certificate");
         }
         else {
@@ -59,17 +57,18 @@ public class CertificateHelper {
             certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
         }
 
-        certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags;
+        certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
         certificateChain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(0, 0, 30);
 
         var result = certificateChain.Build(certificate);
 
-        chainStatus = certificateChain.ChainStatus;
+        chainStatus = certificateChain.ChainStatus
+            .Where(s => s.Status != X509ChainStatusFlags.PartialChain).ToArray();
 
         var statusAggregation = certificateChain.ChainStatus.Aggregate("",
             (r, s) => r + "\n\t - " + s.Status + ": " + s.StatusInformation);
 
-        if (!string.IsNullOrWhiteSpace(statusAggregation))
+        if (!result)
             _logger?.Log(logLevel, "Certificate status: {ObjStatusInformation}",
                 statusAggregation);
         return result;
diff --git a/IntegrationTests/CertificateValidation.cs b/IntegrationTests/CertificateValidation.cs
index cc1c5ccca84fca0ca7e1265fb9a8d726d90869ec..b4add4c74c8cb751099494d64d89beb5dd3b98d3 100644
--- a/IntegrationTests/CertificateValidation.cs
+++ b/IntegrationTests/CertificateValidation.cs
@@ -1,4 +1,5 @@
 using System;
+using System.Collections.Generic;
 using System.IO;
 using System.Linq;
 using System.Net;
@@ -65,7 +66,7 @@ public class CertificateValidation {
         new CertificateHelper(_logger).ValidateCertificate(JsonWebKey.Create(certificate),
             LogLevel.Trace);
     }
-    
+
 
     [Test]
     [Ignore("No credentials for staging environment")]
@@ -135,6 +136,7 @@ public class CertificateValidation {
         var files = System.IO.Directory.GetFiles("./certificates");
         var success = 0;
         var failed = 0;
+        var failedCerts = new List<string>();
 
         foreach (var fileName in files.Where(f => !f.EndsWith("root.pem"))) {
             _logger.LogInformation("Checking file: {FileName}", fileName);
@@ -149,6 +151,7 @@ public class CertificateValidation {
                 }
                 else {
                     failed++;
+                    failedCerts.Add(fileName);
                 }
             }
 
@@ -167,10 +170,12 @@ public class CertificateValidation {
                 }
                 else {
                     failed++;
+                    failedCerts.Add(fileName);
                 }
             }
         }
 
+        _logger.LogWarning("Failed certificates: {certs}", failedCerts.Aggregate("\n", (a,b)=>a+"\n\t - "+b));
         _logger.LogInformation("Success: {Success}, Failed: {Failed}", success, failed);
         failed.Should().Be(0);
     }
diff --git a/IntegrationTests/IntegrationTests.csproj b/IntegrationTests/IntegrationTests.csproj
index d666140b81c9e71e541c2ee9535b7d962ba541cf..341f97904c14f5ac564fae7d68aeede15c5b56f1 100644
--- a/IntegrationTests/IntegrationTests.csproj
+++ b/IntegrationTests/IntegrationTests.csproj
@@ -42,7 +42,7 @@
         <None Update="certificates\validEncJW_KeyUse.json">
           <CopyToOutputDirectory>Always</CopyToOutputDirectory>
         </None>
-        <None Update="certificates\ValidEncJWK.json">
+        <None Update="certificates\validEncJWK.json">
           <CopyToOutputDirectory>Always</CopyToOutputDirectory>
         </None>
         <None Update="certificates\validSigJWK.json">