diff --git a/conf/ocsp-verify.sh b/conf/ocsp-verify.sh
index 7730c02..427fa63 100755
--- a/conf/ocsp-verify.sh
+++ b/conf/ocsp-verify.sh
@@ -5,9 +5,9 @@ depth=$1
 # Only check client certificate (depth 0)
 env >> /etc/openvpn/server/ocsp_env.log
 if [ "$depth" -eq 0 ]; then
-    echo "Checking OCSP for peer_cert=$peer_cert" >> /etc/openvpn/server/ocsp.log
-    if [ -n "$peer_cert" ]; then
-        status=$(openssl ocsp -issuer /etc/openvpn/server/ca.crt -cert "$peer_cert" -url http://10.60.0.1:8888 -CAfile /etc/openvpn/server/ca.crt 2>>/etc/openvpn/server/ocsp.log)
+    echo "Checking OCSP for serial=$tls_serial_0" >> /etc/openvpn/server/ocsp.log
+    if [ -n "$tls_serial_0" ]; then
+        status=$(openssl ocsp -issuer /etc/openvpn/server/ca.crt -serial "0x$tls_serial_0" -url http://10.60.0.1:8888 -CAfile /etc/openvpn/server/ca.crt 2>>/etc/openvpn/server/ocsp.log)
         echo "OCSP Status: $status" >> /etc/openvpn/server/ocsp.log
         
         if echo "$status" | grep -q "revoked"; then
@@ -23,7 +23,7 @@ if [ "$depth" -eq 0 ]; then
         echo "Result: UNKNOWN/ERROR" >> /etc/openvpn/server/ocsp.log
         exit 1
     else
-        echo "peer_cert is empty!" >> /etc/openvpn/server/ocsp.log
+        echo "tls_serial_0 is empty!" >> /etc/openvpn/server/ocsp.log
         exit 1
     fi
 fi