diff --git a/src/include/lib3270.h b/src/include/lib3270.h index cc4e05d..577ae29 100644 --- a/src/include/lib3270.h +++ b/src/include/lib3270.h @@ -466,6 +466,17 @@ LIB3270_EXPORT int lib3270_set_url(H3270 *h, const char *url); /** + * @brief Set URL for the certificate revocation list. + * + * @param hSession Session handle. + * @param crl URL for the certificate revocation list. + * + * @return 0 on sucess, non zero on error (sets errno). + * + */ + LIB3270_EXPORT int lib3270_set_crl(H3270 *hSession, const char *crl); + + /** * @brief Get hostname for the connect/reconnect operations. * * @param h Session handle. @@ -1174,7 +1185,7 @@ LIB3270_EXPORT void * lib3270_malloc(int len); LIB3270_EXPORT void * lib3270_realloc(void *p, int len); - LIB3270_EXPORT void * lib3270_replace(void **p, void *ptr); +// LIB3270_EXPORT void * lib3270_replace(void **p, void *ptr); LIB3270_EXPORT void * lib3270_strdup(const char *str); #define LIB3270_AUTOPTR_FUNC_NAME(TypeName) lib3270_autoptr_cleanup_##TypeName diff --git a/src/lib3270/properties.c b/src/lib3270/properties.c index 9b18ba4..3622ee6 100644 --- a/src/lib3270/properties.c +++ b/src/lib3270/properties.c @@ -285,6 +285,43 @@ return lib3270_get_revision(); } + int lib3270_set_crl(H3270 *hSession, const char *crl) + { + + FAIL_IF_ONLINE(hSession); + +#ifdef SSL_ENABLE_CRL_CHECK + + if(hSession->ssl.crl) + { + free(hSession->ssl.crl); + hSession->ssl.crl = NULL; + } + + if(crl) + { + hSession->ssl.crl = strdup(crl); + } + + return 0; + +#else + + return errno = ENOTSUP; + +#endif // SSL_ENABLE_CRL_CHECK + + } + + static const char * lib3270_get_crl(H3270 *hSession) + { +#ifdef SSL_ENABLE_CRL_CHECK + if(hSession->ssl.crl) + return hSession->ssl.crl; +#endif + return ""; + } + LIB3270_EXPORT const LIB3270_STRING_PROPERTY * lib3270_get_string_properties_list(void) { static const LIB3270_STRING_PROPERTY properties[] = { 
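Review bot: The doc comment on `lib3270_set_crl` omits the parts of the contract a caller needs before relying on revocation checking. Judging by the implementation added to src/lib3270/properties.c in this same diff, a NULL `crl` clears the stored URL, the call is presumably refused while the session is online (`FAIL_IF_ONLINE`), and builds without `SSL_ENABLE_CRL_CHECK` return `ENOTSUP`. I would say so in the comment, e.g. `@param crl URL for the certificate revocation list (NULL clears it).` and `@return 0 on success, non zero on error (sets errno; ENOTSUP when built without CRL checking).` That wording also fixes the `sucess` typo.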
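Review bot: Commenting out the `lib3270_replace` prototype drops a function from the public header without stating why and leaves dead code in the file. If the function is being retired, delete the line together with its definition (not part of this diff) and mention the API removal in the commit message. If the definition is still built and exported, callers now compile against an undeclared function. Should the line have to stay for now, a note such as `// lib3270_replace() withdrawn from the public API: <reason>` tells the next reader what happened.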
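Review bot: `lib3270_set_crl` returns 0 even when `strdup(crl)` fails, so an allocation failure silently leaves `hSession->ssl.crl` NULL while the caller believes a revocation list is configured; add `if(!hSession->ssl.crl) return errno = ENOMEM;` right after the `strdup`. An empty string is stored as a URL, yet `lib3270_get_crl` reports an unset value as `""`, so a get/set round trip through the `crl` property registered in the `@@ -345` hunk turns "unset" into "set to empty"; guarding with `if(crl && *crl)` avoids that. The value is kept without any check of its scheme or form and is now reachable through the generic string-property table, so the code that fetches the CRL (not visible here) has to restrict what it is willing to load. The `if(hSession->ssl.crl)` guard before `free` is unnecessary because `free(NULL)` is a no-op.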
@@ -345,6 +382,14 @@ NULL // Set value. }, + { + "crl", // Property name. + N_( "URL for the CRL file" ), // Property description. + lib3270_get_crl, // Get value. + lib3270_set_crl, // Set value. + }, + + /* { "", // Property name. diff --git a/src/lib3270/ssl/negotiate.c b/src/lib3270/ssl/negotiate.c index c7a19bf..9a86a6d 100644 --- a/src/lib3270/ssl/negotiate.c +++ b/src/lib3270/ssl/negotiate.c @@ -217,7 +217,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) default: debug("Unexpected or invalid TLS/SSL verify result %d",rv); - trace_dsn(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); + trace_ssl(hSession,"Unexpected or invalid TLS/SSL verify result %d\n",rv); } if(lib3270_get_toggle(hSession,LIB3270_TOGGLE_SSL_TRACE)) @@ -226,7 +226,7 @@ static int background_ssl_negotiation(H3270 *hSession, void *message) int alg_bits = 0; const SSL_CIPHER * cipher = SSL_get_current_cipher(hSession->ssl.con); - trace_dsn(hSession,"TLS/SSL cipher description: %s",SSL_CIPHER_description((SSL_CIPHER *) cipher, buffer, 4095)); + trace_ssl(hSession,"TLS/SSL cipher description: %s",SSL_CIPHER_description((SSL_CIPHER *) cipher, buffer, 4095)); SSL_CIPHER_get_bits(cipher, &alg_bits); trace_ssl(hSession,"%s version %s with %d bits\n", SSL_CIPHER_get_name(cipher), @@ -342,16 +342,16 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) switch(where) { case SSL_CB_CONNECT_LOOP: - trace_dsn(hSession,"SSL_connect: %s %s\n",SSL_state_string(s), SSL_state_string_long(s)); + trace_ssl(hSession,"SSL_connect: %s %s\n",SSL_state_string(s), SSL_state_string_long(s)); break; case SSL_CB_CONNECT_EXIT: - trace_dsn(hSession,"%s: SSL_CB_CONNECT_EXIT\n",__FUNCTION__); + trace_ssl(hSession,"%s: SSL_CB_CONNECT_EXIT\n",__FUNCTION__); if (ret == 0) { - trace_dsn(hSession,"SSL_connect: failed in %s\n",SSL_state_string_long(s)); + trace_ssl(hSession,"SSL_connect: failed in %s\n",SSL_state_string_long(s)); } else if (ret < 0) { 
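Review bot: In the `@@ -217` hunk the `default:` branch of the verify-result switch still only logs the unexpected value and falls out of the switch; nothing in the visible lines marks the negotiation as failed. After this change the message goes to `trace_ssl`, which is presumably emitted only when SSL tracing is enabled, so the event may leave no record at all in a normal run. If the code after the switch (outside this hunk) does not reject the session, an unrecognised verify result is handled like a good one. I would fail closed in this branch and at minimum document the intent next to the trace call, e.g. `/* unknown verify result: treat as verification failure */`. `background_ssl_negotiation` starts and ends outside the hunk.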
@@ -379,7 +379,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) err_buf[0] = '\0'; } - trace_dsn(hSession,"SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n", + trace_ssl(hSession,"SSL Connect error %d\nMessage: %s\nState: %s\nAlert: %s\n", ret, err_buf, SSL_state_string_long(s), @@ -390,7 +390,7 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) break; default: - trace_dsn(hSession,"SSL Current state is \"%s\"\n",SSL_state_string_long(s)); + trace_ssl(hSession,"SSL Current state is \"%s\"\n",SSL_state_string_long(s)); } #ifdef DEBUG @@ -401,11 +401,11 @@ void ssl_info_callback(INFO_CONST SSL *s, int where, int ret) #endif if(where & SSL_CB_ALERT) - trace_dsn(hSession,"SSL ALERT: %s\n",SSL_alert_type_string_long(ret)); + trace_ssl(hSession,"SSL ALERT: %s\n",SSL_alert_type_string_long(ret)); if(where & SSL_CB_HANDSHAKE_DONE) { - trace_dsn(hSession,"%s: SSL_CB_HANDSHAKE_DONE state=%04x\n",__FUNCTION__,SSL_get_state(s)); + trace_ssl(hSession,"%s: SSL_CB_HANDSHAKE_DONE state=%04x\n",__FUNCTION__,SSL_get_state(s)); if(SSL_get_state(s) == SSL_ST_OK) set_ssl_state(hSession,LIB3270_SSL_NEGOTIATED); else -- libgit2 0.21.2