diff --git a/README.md b/README.md
index 6990e3f6..374d5706 100644
--- a/README.md
+++ b/README.md
@@ -286,6 +286,8 @@ They depend on several other libraries so I suggest you are going for the Maven
 
 # News and noteworthy
 
+* v9.2.3 - 2024-01-10
+    * Changed the default checking mode in `CertificateRevocationChecker` from `OCSP` to `CRL_BEFORE_OCSP` due to https://github.com/phax/phase4/issues/124#issuecomment-1884398195
 * v9.2.2 - 2024-01-08
     * Extended `PeppolSBDHDocumentReader` API to allow to disable check for mandatory C1 Country Code via `.setCheckForCountryC1(boolean)`
 * v9.2.1 - 2024-01-07
diff --git a/peppol-commons/src/main/java/com/helger/peppol/utils/CertificateRevocationChecker.java b/peppol-commons/src/main/java/com/helger/peppol/utils/CertificateRevocationChecker.java
index e35a66b9..89addd48 100644
--- a/peppol-commons/src/main/java/com/helger/peppol/utils/CertificateRevocationChecker.java
+++ b/peppol-commons/src/main/java/com/helger/peppol/utils/CertificateRevocationChecker.java
@@ -77,8 +77,9 @@
 @ThreadSafe
 public final class CertificateRevocationChecker
 {
-  // By default OCSP is preferred over CRL
-  public static final ERevocationCheckMode DEFAULT_REVOCATION_CHECK_MODE = ERevocationCheckMode.OCSP_BEFORE_CRL;
+  // By default CRL is preferred over OCSP because of
+  // https://github.com/phax/phase4/issues/124
+  public static final ERevocationCheckMode DEFAULT_REVOCATION_CHECK_MODE = ERevocationCheckMode.CRL_BEFORE_OCSP;
   public static final boolean DEFAULT_ALLOW_SOFT_FAIL = false;
   public static final boolean DEFAULT_ALLOW_EXEC_SYNC = true;