diff --git a/lib/services/cmp.ex b/lib/services/cmp.ex
index c85bdf2..ef82faa 100644
--- a/lib/services/cmp.ex
+++ b/lib/services/cmp.ex
@@ -59,6 +59,7 @@ defmodule CA.CMP do
       case CA.ALG.lookup(oid) do
            {:'id-PasswordBasedMac', _ } ->
                 incomingProtection = CA."ProtectedPart"(header: header, body: body)
+                :io.format 'protection: ~p~n', [incomingProtection]
                 {:ok, bin} = :"PKIXCMP-2009".encode(:'ProtectedPart', incomingProtection)
                 {owf,_} = CA.ALG.lookup(owfoid) # SHA-2
                 pbm = :application.get_env(:ca, :pbm, "0000") # DH shared secret
@@ -114,6 +115,10 @@ defmodule CA.CMP do
       pkibody = {:cp, reply}
       pkiheader = CA."PKIHeader"(sender: to, recipient: from, pvno: pvno, recipNonce: senderNonce,
           transactionID: transactionID, protectionAlg: protectionAlg, messageTime: messageTime)
+
+      :logger.info 'P10CR OTP ~p~n', [cert]
+      :logger.info 'P10CR PKIX ~p~n', [convertOTPtoPKIX(cert)]
+
       :ok = answer(socket, pkiheader, pkibody, validateProtection(pkiheader, pkibody, code))
       :logger.info 'CP ~p~n', [senderNonce]
   end
diff --git a/lib/services/crt.ex b/lib/services/crt.ex
index c75e42f..faf2455 100644
--- a/lib/services/crt.ex
+++ b/lib/services/crt.ex
@@ -3,20 +3,18 @@ defmodule CA.CRT do
 
   def subj({:rdnSequence, attrs}) do
         {:rdnSequence, :lists.map(fn
-            [{t,oid,{:uTF8String,x}}] ->
-                [{t,oid,:asn1rt_nif.encode_ber_tlv({12, :erlang.iolist_to_binary(x)})}]
-            [{t,oid,x}] when is_list(x) ->
-                [{t,oid,:asn1rt_nif.encode_ber_tlv({19, :erlang.iolist_to_binary(x)})}]
+            [{t,oid,{:uTF8String,x}}] -> [{t,oid,:asn1rt_nif.encode_ber_tlv({12, :erlang.iolist_to_binary(x)})}]
+            [{t,oid,x}] when is_list(x) -> [{t,oid,:asn1rt_nif.encode_ber_tlv({19, :erlang.iolist_to_binary(x)})}]
             [{t,oid,x}] -> [{t,oid,x}] end, attrs)}
   end
 
   def unsubj({:rdnSequence, attrs}) do
-        {:rdnSequence, :lists.flatmap(fn [{t,oid,x}] when is_binary(x) ->
+        {:rdnSequence, :lists.map(fn [{t,oid,x}] when is_binary(x) ->
              case :asn1rt_nif.decode_ber_tlv(x) do
                   {{12,a},_} -> [{t,oid,{:uTF8String,a}}]
                   {{19,a},_} -> [{t,oid,:erlang.binary_to_list(a)}]
-             end 
-             _ -> [] end, attrs)}
+             end
+             x -> x end, attrs)}
   end
 
   def extract(code, person) do