2 files changed, 27 insertions, 2 deletions

diff --git a/cmd/easyca/main.go b/cmd/easyca/main.go
index b2beefd..c8cf679 100644
--- a/cmd/easyca/main.go
+++ b/cmd/easyca/main.go
@@ -51,6 +51,9 @@ func createBundle(c *cli.Context) {
 	if str := c.String("province"); len(str) > 0 {
 		subject.Province = []string{str}
 	}
+	if str := c.String("organizational-unit"); len(str) > 0 {
+		subject.OrganizationalUnit = []string{str}
+	}
 
 	template := &x509.Certificate{
 		Subject:  subject,
@@ -171,6 +174,10 @@ func parseArgs() {
 					EnvVar: "PKI_ORGANIZATION",
 				},
 				cli.StringFlag{
+					Name:   "organizational-unit",
+					EnvVar: "PKI_ORGANIZATIONAL_UNIT",
+				},
+				cli.StringFlag{
 					Name:   "locality",
 					EnvVar: "PKI_LOCALITY",
 				},
diff --git a/pkg/easyca/easyca.go b/pkg/easyca/easyca.go
index 92f950a..a0fff16 100644
--- a/pkg/easyca/easyca.go
+++ b/pkg/easyca/easyca.go
@@ -322,14 +322,32 @@ func WriteIndex(pkiroot, filename string, crt *x509.Certificate) error {
 	if len(serialOutput)%2 == 1 {
 		serialOutput = "0" + serialOutput
 	}
-	// subject: /C=FR/ST=IDF/O=Umbrella Corporation/CN=test.clerc.io
+
 	// Date format: yymmddHHMMSSZ
 	// E|R|V<tab>Expiry<tab>[RevocationDate]<tab>Serial<tab>filename<tab>SubjectDN
+	var subject string
+	if strs := crt.Subject.Country; len(strs) == 1 {
+		subject += "/C=" + strs[0]
+	}
+	if strs := crt.Subject.Organization; len(strs) == 1 {
+		subject += "/O=" + strs[0]
+	}
+	if strs := crt.Subject.OrganizationalUnit; len(strs) == 1 {
+		subject += "/OU=" + strs[0]
+	}
+	if strs := crt.Subject.Locality; len(strs) == 1 {
+		subject += "/L=" + strs[0]
+	}
+	if strs := crt.Subject.Province; len(strs) == 1 {
+		subject += "/ST=" + strs[0]
+	}
+	subject += "/CN=" + crt.Subject.CommonName
+
 	n, err := fmt.Fprintf(f, "V\t%vZ\t\t%v\t%v.crt\t%v\n",
 		crt.NotAfter.UTC().Format("060102150405"),
 		serialOutput,
 		filename,
-		"/CN="+crt.Subject.CommonName)
+		subject)
 	if err != nil {
 		return err
 	}