Use the certificate revocation list
--x509-use-crl
x509-use-crl specifies that the server
instance uses the certificate revocation list. By default, instances
do not use any certificate revocation lists. In case, the CRLs in
the CA store are ignored.
If x509-use-crl is added, the CRLs are loaded
and participate in the client certificate verification. If the CRL
has expired, the SSL handshake is rejected.
The instance uses certificate revocation list when authenticating clients.
--x509-use-crl