diff --git a/src/utils/cryptopro.c b/src/utils/cryptopro.c
index 6e99b07..ae93f49 100644
--- a/src/utils/cryptopro.c
+++ b/src/utils/cryptopro.c
@@ -103,18 +103,17 @@ get_cert_chain(PCCERT_CONTEXT certificate)
 if (!cp_function_list.CertGetCertificateChain(NULL,
- certificate,
- NULL,
- NULL,
- &chain_para,
- (CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT),
- NULL,
- &chain_ctx)) {
+ certificate,
+ NULL,
+ NULL,
+ &chain_para,
+ (CERT_CHAIN_CACHE_END_CERT | CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT),
+ NULL,
+ &chain_ctx)) {
 LOG_ERROR("CertGetCertificateChain() failed");
 goto error;
 }
- LOG_DEBUG("Trust error status: '0x%08x'", chain_ctx->TrustStatus.dwErrorStatus);
- LOG_DEBUG("Trust info status: '0x%08x'", chain_ctx->TrustStatus.dwInfoStatus);
+
 if (chain_ctx->TrustStatus.dwErrorStatus) {
 LOG_WARN("The certificate is not trusted. CERT_TRUST_STATUS: '0x%08x'", chain_ctx->TrustStatus.dwErrorStatus);
@@ -130,21 +129,6 @@ error:
 return NULL;
 }
-static const char*
-get_cert_chain_policy_status_error_desc(DWORD err)
-{
- // TODO-8703
- switch(err) {
- case CERT_E_UNTRUSTEDROOT:
- return "CERT_E_UNTRUSTEDROOT";
- case CERT_E_CHAINING:
- return "CERT_E_CHAINING";
- default:
- break;
- }
- return "Unknown error";
-}
-
 static bool
 check_cert_chain_policy(PCCERT_CHAIN_CONTEXT chain_ctx)
 {
@@ -164,8 +148,7 @@ check_cert_chain_policy(PCCERT_CHAIN_CONTEXT chain_ctx)
 status.pvExtraPolicyStatus = &extraStatus;
 if (!cp_function_list.CertVerifyCertificateChainPolicy(
- CERT_CHAIN_POLICY_BASE,
- // TODO-8703: CPCERT_CHAIN_POLICY_SIGNATURE
+ CPCERT_CHAIN_POLICY_SIGNATURE,
 chain_ctx,
 &policy_para,
 &status)) {
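Review bot: The `CERT_CHAIN_CACHE_END_CERT` flag newly OR'd into the CertGetCertificateChain() call carries no comment saying why it was added, and the mask now mixes a caching hint with the revocation-checking flag on one argument line; the commit description is not visible here. I would hoist it into a named constant directly above the call, `/* Cache the end cert so repeated validations of the same leaf reuse the built chain; revocation is still checked for every element except the root. */` followed by `const DWORD chain_flags = CERT_CHAIN_CACHE_END_CERT | CERT_CHAIN_REVOCATION_CHECK_CHAIN_EXCLUDE_ROOT;`. Since a cached chain can be returned by the default engine, whether a leaf whose revocation status changed since the first build is re-evaluated depends on engine cache settings that are not visible in this hunk, so that should be confirmed before this path is relied on for revocation. The check that follows treats any non-zero dwErrorStatus as untrusted, which is the fail-closed behaviour wanted here, but the removed dwInfoStatus debug line was the only place the info bits were surfaced — consider folding dwInfoStatus into the warning so an operator can interpret the failure. get_cert_chain's body continues outside the hunk.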
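Review bot: The switch from CERT_CHAIN_POLICY_BASE to CPCERT_CHAIN_POLICY_SIGNATURE in the CertVerifyCertificateChainPolicy() call is undocumented at the call site, and nothing visible here establishes whether the CryptoPro signature policy also performs the base-policy checks (untrusted root, chaining, validity period) that the old value enforced. Add a comment above the call such as `/* CPCERT_CHAIN_POLICY_SIGNATURE replaces CERT_CHAIN_POLICY_BASE; TODO confirm it covers the untrusted-root/chaining/validity checks, otherwise run BASE as a second pass */`. If it turns out not to be a superset, a certificate that a BASE pass would have rejected could now reach the signature-only checks, so this is worth settling rather than leaving implied. The policy_para and extraStatus setup, and the start of check_cert_chain_policy, are outside the hunk.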
@@ -176,15 +159,13 @@ check_cert_chain_policy(PCCERT_CHAIN_CONTEXT chain_ctx)
 if (status.dwError != 0) {
 LOG_WARN("The certificate chain cannot be validated. "
- "CertVerifyCertificateChainPolicy status: %s('0x%08x')",
- get_cert_chain_policy_status_error_desc(status.dwError), status.dwError);
+ "CERT_CHAIN_POLICY_STATUS: '0x%08x'", status.dwError);
 goto exit;
 }
 if (extraStatus.dwError != 0) {
 LOG_WARN("The certificate chain cannot be validated. "
- "CertVerifyCertificateChainPolicy extra status: %s('0x%08x')",
- get_cert_chain_policy_status_error_desc(status.dwError), status.dwError);
+ "CPSIGNATURE_EXTRA_CERT_CHAIN_POLICY_STATUS: '0x%08x'", extraStatus.dwError);
 goto exit;
 }