diff --git a/node_auth.go b/node_auth.go
index 7b4707a..5ca1a21 100644
--- a/node_auth.go
+++ b/node_auth.go
@@ -378,6 +378,8 @@ func (n *nodeAuth) verifySignature(m Message) bool {
 return true
 }
+ log.Printf(" * DEBUG: verifySignature: EnableSignatureCheck set to true\n")
+
 // NB: Only enable signature checking for REQCliCommand for now.
 if m.Method != REQCliCommand {
 // fmt.Printf(" * DEBUG: verifySignature: WAS OTHER THAN CLI COMMAND\n")
@@ -386,9 +388,11 @@ func (n *nodeAuth) verifySignature(m Message) bool {
 // Verify if the signature matches.
 argsStringified := argsToString(m.MethodArgs)
- ok := ed25519.Verify(n.SignPublicKey, []byte(argsStringified), m.ArgSignature)
+ n.publicKeys.mu.Lock()
+ ok := ed25519.Verify(n.publicKeys.keysAndHash.Keys[m.FromNode], []byte(argsStringified), m.ArgSignature)
+ n.publicKeys.mu.Unlock()
- fmt.Printf(" * DEBUG: verifySignature, result: %v, fromNode: %v, method: %v\n", ok, m.FromNode, m.Method)
+ log.Printf("info: verifySignature, result: %v, fromNode: %v, method: %v\n", ok, m.FromNode, m.Method)
 return ok
 }
diff --git a/process.go b/process.go
index c11050d..91fd42c 100644
--- a/process.go
+++ b/process.go
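Review bot: The new lookup `n.publicKeys.keysAndHash.Keys[m.FromNode]` in the second node_auth.go hunk (-386,9 +388,11) is passed straight to `ed25519.Verify`, which panics when the key is not exactly `ed25519.PublicKeySize` bytes. Assuming Keys is a map, a message whose FromNode has no stored key yields a nil key, so the subscriber would panic with the mutex still held instead of rejecting the message. Read the key under the lock and reject early with `key, found := n.publicKeys.keysAndHash.Keys[m.FromNode]` followed by `if !found || len(key) != ed25519.PublicKeySize { return false }`, then call Verify after unlocking. The signed bytes are still only the stringified MethodArgs, so the signature does not appear to cover the destination or any freshness value; that predates this change but deserves a comment. verifySignature begins outside the hunk.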
@@ -523,13 +523,41 @@ func (p process) messageSubscriberHandler(natsConn *nats.Conn, thisNode string,
 out := []byte{}
 var err error
- if p.nodeAuth.verifySignature(message) {
- // Call the method handler for the specified method.
+ // The verify functions will return true if the signature or acl is correct,
+ // but will return false if the signature or acl is wrong.
+ // They will also return true if the configuration flag for checking the acl
+ // or the signature is set to false.
+ sigOK := p.nodeAuth.verifySignature(message)
+ log.Printf("info: sigOK=%v\n", sigOK)
+ aclOK := p.nodeAuth.verifyAcl(message)
+ log.Printf("info: aclOK=%v\n", aclOK)
+
+ // We should allow to call the handler if either:
+ // 1. signature and acl is OK for when acl verification is enabled.
+ // 2. just signature is OK, if just signature checking is enabled.
+ // 3. Since the verify functions return true if the verification is
+ // disabled, the handler will be called if both are disabled.
+ switch {
+ case sigOK && aclOK || sigOK:
+ log.Printf("info: subscriberHandler: signature and acl check successful: %v", err)
 out, err = mh.handler(p, message, thisNode)
 if err != nil {
 er := fmt.Errorf("error: subscriberHandler: handler method failed: %v", err)
 p.errorKernel.errSend(p, message, er)
+ log.Printf("%v\n", er)
 }
+ case sigOK && !aclOK:
+ er := fmt.Errorf("error: subscriberHandler: acl check failed: %v", err)
+ p.errorKernel.errSend(p, message, er)
+ log.Printf("%v\n", er)
+ case !sigOK && !aclOK:
+ er := fmt.Errorf("error: subscriberHandler: signature and acl check failed: %v", err)
+ p.errorKernel.errSend(p, message, er)
+ log.Printf("%v\n", er)
+ case !sigOK:
+ er := fmt.Errorf("error: subscriberHandler: signature check failed: %v", err)
+ p.errorKernel.errSend(p, message, er)
+ log.Printf("%v\n", er)
 }
 // Send a confirmation message back to the publisher
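Review bot: The condition `sigOK && aclOK || sigOK` in the new `switch` reduces to plain `sigOK`, because `&&` binds tighter than `||` in Go, so the handler runs whenever the signature verifies and the result of `verifyAcl` is never enforced; the following `case sigOK && !aclOK:` can never be reached. Since the comment above says both verify functions already return true when their check is disabled, the first case can simply be `case sigOK && aclOK:`. The same expression appears in `if sigOK && aclOK || sigOK {` in the next hunk (-543,7 +571,19) and needs the same change. The failure branches also format `err` into their messages although it is still nil at that point, so the `: %v` suffix carries no information. messageSubscriberHandler starts and ends outside the hunk.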
@@ -543,7 +571,19 @@ func (p process) messageSubscriberHandler(natsConn *nats.Conn, thisNode string,
 p.errorKernel.errSend(p, message, er)
 }
- if p.nodeAuth.verifySignature(message) {
+ // The verify functions will return true if the signature or acl is correct,
+ // but will return false if the signature or acl is wrong.
+ // They will also return true if the configuration flag for checking the acl
+ // or the signature is set to false.
+ sigOK := p.nodeAuth.verifySignature(message)
+ aclOK := p.nodeAuth.verifyAcl(message)
+
+ // We should allow to call the handler if either:
+ // 1. signature and acl is OK for when acl verification is enabled.
+ // 2. just signature is OK, if just signature checking is enabled.
+ // 3. Since the verify functions return true if the verification is
+ // disabled, the handler will be called if both are disabled.
+ if sigOK && aclOK || sigOK {
 _, err := mf.handler(p, message, thisNode)
diff --git a/requests_acl.go b/requests_acl.go
index c6eca3b..f172cc3 100644
--- a/requests_acl.go
+++ b/requests_acl.go
@@ -54,14 +54,14 @@ func (m methodREQAclRequestUpdate) handler(proc process, message Message, node s
 defer proc.centralAuth.accessLists.schemaGenerated.mu.Unlock()
 // DEBUGGING:
- {
- proc.centralAuth.accessLists.schemaMain.mu.Lock()
- fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaGenerated contains: %v\n\n", proc.centralAuth.accessLists.schemaGenerated)
- fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaMain contains: %v\n\n", proc.centralAuth.accessLists.schemaMain)
- proc.centralAuth.accessLists.schemaMain.mu.Unlock()
-
- // TODO: PROBLEM: The existing generated acl's are not loaded when starting, or not stored at all.
- }
+ //{
+ // proc.centralAuth.accessLists.schemaMain.mu.Lock()
+ // fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaGenerated contains: %v\n\n", proc.centralAuth.accessLists.schemaGenerated)
+ // fmt.Printf("\n --- DEBUGGING: subscriber methodREQAclRequestUpdate: schemaMain contains: %v\n\n", proc.centralAuth.accessLists.schemaMain)
+ // proc.centralAuth.accessLists.schemaMain.mu.Unlock()
+ //
+ // // TODO: PROBLEM: The existing generated acl's are not loaded when starting, or not stored at all.
+ //}
 fmt.Printf(" ---- subscriber methodREQAclRequestUpdate: got acl hash from NODE=%v, HASH=%v\n", message.FromNode, message.Data)
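Review bot: The debug block is commented out rather than deleted, which buries the `TODO: PROBLEM: The existing generated acl's are not loaded when starting, or not stored at all` remark inside dead code. If that problem is still open it should stay as a live comment or a tracked issue, since it appears to concern whether generated ACLs survive a restart. The two hunks that follow (-81,9 and -118,7) comment out prints in the same way. Where the output is still wanted, the file already uses `proc.errorKernel.logConsoleOnlyIfDebug(inf, proc.configuration)` for debug-gated printing, and the unconditional `fmt.Printf(" ---- subscriber methodREQAclRequestUpdate: got acl hash ...")` left as context here could move to it as well. The handler continues outside the hunk.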
@@ -81,9 +81,9 @@ func (m methodREQAclRequestUpdate) handler(proc process, message Message, node s
 hdh := HostACLsSerializedWithHash{}
 hdh.Data = proc.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap[message.FromNode].Data
- fmt.Printf("\n * DEBUGGING: before marshalling, hdh.Data=%v\n", hdh.Data)
+ // fmt.Printf("\n * DEBUGGING: before marshalling, hdh.Data=%v\n", hdh.Data)
 hdh.Hash = proc.centralAuth.accessLists.schemaGenerated.GeneratedACLsMap[message.FromNode].Hash
- fmt.Printf("\n * DEBUGGING: before marshalling, hdh.Hash=%v\n\n", hdh.Hash)
+ // fmt.Printf("\n * DEBUGGING: before marshalling, hdh.Hash=%v\n\n", hdh.Hash)
 js, err := json.Marshal(hdh)
 if err != nil {
@@ -118,7 +118,7 @@ func (m methodREQAclDeliverUpdate) handler(proc process, message Message, node s
 inf := fmt.Errorf("<--- subscriber methodREQAclDeliverUpdate received from: %v, containing: %v", message.FromNode, message.Data)
 proc.errorKernel.logConsoleOnlyIfDebug(inf, proc.configuration)
- fmt.Printf("\n --- subscriber methodREQAclRequestUpdate: the message received on handler : %+v\n\n", message)
+ // fmt.Printf("\n --- subscriber methodREQAclRequestUpdate: the message received on handler : %+v\n\n", message)
 // Get a context with the timeout specified in message.MethodTimeout.
 ctx, _ := getContextForMethodTimeout(proc.ctx, message)