diff --git a/.idea/.idea.FitConnect/.idea/.name b/.idea/.idea.FitConnect/.idea/.name
deleted file mode 100644
index 04b5af4f764eb04374cbc16e0e0def5774fddae9..0000000000000000000000000000000000000000
--- a/.idea/.idea.FitConnect/.idea/.name
+++ /dev/null
@@ -1 +0,0 @@
-FitConnect
\ No newline at end of file
diff --git a/FitConnect/Encryption/CertificateHelper.cs b/FitConnect/Encryption/CertificateHelper.cs
index f3dce0445321daef26026aaee570003ec7550012..4b773602bdc9700bbd9bcf299f5054242ab837ec 100644
--- a/FitConnect/Encryption/CertificateHelper.cs
+++ b/FitConnect/Encryption/CertificateHelper.cs
@@ -14,16 +14,15 @@ public class CertificateHelper {
         _logger = logger;
     }
 
-    internal bool ValidateCertificate(string keyJson, LogLevel logLevel) =>
-        ValidateCertificate(new JsonWebKey(keyJson), logLevel);
+    internal bool ValidateCertificate(string keyJson, LogLevel logLevel,
+        X509Certificate2? rootCertificate = null) =>
+        ValidateCertificate(new JsonWebKey(keyJson), logLevel, rootCertificate);
 
-    internal bool ValidateCertificate(JsonWebKey key, LogLevel logLevel = LogLevel.Error) {
+    internal bool ValidateCertificate(JsonWebKey key, LogLevel logLevel = LogLevel.Error,
+        X509Certificate2? root = null) {
         var certificates = key.X5c.Select(s => new X509Certificate2(Convert.FromBase64String(s)))
             .ToList();
 
-        X509Certificate2? root = null; //new X509Certificate2("./certificates/root.pem");
-
-
         _logger?.LogTrace("Found {Count} certificate(s)", certificates.Count);
 
         var valid = certificates.Aggregate(true,
@@ -44,13 +43,23 @@ public class CertificateHelper {
 
 
         if (rootCertificate != null) {
-            certificateChain.ChainPolicy.CustomTrustStore.Add(rootCertificate);
             certificateChain.ChainPolicy.TrustMode = X509ChainTrustMode.CustomRootTrust;
+            certificateChain.ChainPolicy.CustomTrustStore.Add(rootCertificate);
+            certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.NoCheck;
+            certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
+            certificateChain.ChainPolicy.DisableCertificateDownloads = true;
+            certificateChain.ChainPolicy.VerificationFlags =
+                X509VerificationFlags.IgnoreRootRevocationUnknown |
+                X509VerificationFlags.IgnoreCertificateAuthorityRevocationUnknown |
+                X509VerificationFlags.IgnoreCtlSignerRevocationUnknown;
+            _logger?.LogDebug("Using custom root certificate");
+        }
+        else {
+            certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
+            certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.EntireChain;
         }
 
-        certificateChain.ChainPolicy.RevocationMode = X509RevocationMode.Online;
-        certificateChain.ChainPolicy.RevocationFlag = X509RevocationFlag.ExcludeRoot;
-        certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.NoFlag;
+        certificateChain.ChainPolicy.VerificationFlags = X509VerificationFlags.AllFlags;
         certificateChain.ChainPolicy.UrlRetrievalTimeout = new TimeSpan(0, 0, 30);
 
         var result = certificateChain.Build(certificate);
diff --git a/IntegrationTests/CertificateValidation.cs b/IntegrationTests/CertificateValidation.cs
index 8b0c1fad2e933fc7d115e9be59f9cfd22eb3a055..cc1c5ccca84fca0ca7e1265fb9a8d726d90869ec 100644
--- a/IntegrationTests/CertificateValidation.cs
+++ b/IntegrationTests/CertificateValidation.cs
@@ -40,6 +40,7 @@ public class CertificateValidation {
     }
 
     [Test]
+    [Ignore("No credentials for dev environment")]
     public void CheckCertificateInEnvironment_Dev() {
         var environment = FitConnectEnvironment.Develop;
         var sender = Client.GetSender(environment, _settings.SenderClientId,
@@ -64,8 +65,10 @@ public class CertificateValidation {
         new CertificateHelper(_logger).ValidateCertificate(JsonWebKey.Create(certificate),
             LogLevel.Trace);
     }
+    
 
     [Test]
+    [Ignore("No credentials for staging environment")]
     public void CheckCertificateInEnvironment_Staging() {
         var environment = FitConnectEnvironment.Staging;
         var sender = Client.GetSender(environment, _settings.SenderClientId,
@@ -81,6 +84,7 @@ public class CertificateValidation {
     }
 
     [Test]
+    [Ignore("No credentials for production environment")]
     public void CheckCertificateInEnvironment_Production() {
         var environment = FitConnectEnvironment.Production;
         var sender = Client.GetSender(environment, _settings.SenderClientId,
@@ -150,10 +154,10 @@ public class CertificateValidation {
 
             if (fileName.EndsWith(".json")) {
                 var shouldFail = !fileName.Contains("/valid");
-
+                var root = new X509Certificate2("./certificates/root.pem");
                 var jwk = new JsonWebKey(File.ReadAllText(fileName));
                 var valid = _certificateHelper.ValidateCertificate(jwk,
-                    shouldFail ? LogLevel.Trace : LogLevel.Critical);
+                    shouldFail ? LogLevel.Trace : LogLevel.Critical, root);
 
                 if (shouldFail)
                     valid = !valid;