diff --git a/ssl/mkcert.sh b/ssl/mkcert.sh
index e77e9b9a..05827a8b 100755
--- a/ssl/mkcert.sh
+++ b/ssl/mkcert.sh
@@ -1,8 +1,10 @@
 #!/bin/sh
 KEYSIZE=2048
+#OPENSSL="../src/contrib/openssl-1.0.1i/apps/openssl"
+OPENSSL="openssl"
-#set -x
+set -x
 NAME=$1
 PREF=$2
@@ -13,14 +15,33 @@ PREF=$2
 #fi
-SUBJ="/C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=7u83.cauwersin.com/emailAddress=7u83@mail.ru"
+SUBJ="/C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=C1130-c80aa9cd7fa4/emailAddress=7u83@mail.ru"
 if [ "$PREF" = "cisco" ]
 then
 PREF="$2-"
 SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Virtual Wireless LAN Controller/CN=DEVICE-AC-TUBE/emailAddress=7u83@mail.ru"
 fi
+if [ "$PREF" = "simple" ]
+then
+ PREF="$2"
+ SUBJ="/C=DE/ST=Berlin/L=Berlin/O=Cauwersin/CN=C1130-908d43460000/mailAddress=7u83@mail.ru"
+fi
+if [ "$PREF" = "cisco-ap" ]
+then
+ PREF="$2-"
+# SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=C1130-f866f2a342fc/emailAddress=support@cisco.com"
+# SUBJ="/C=US/ST=California/L=San Jose/O=airespace Inc/CN=C1130-f866f2a342fc/emailAddress=support@airespace.com"
+
+# SUBJ="/ST=California/L=San Jose/C=US/O=Cisco Systems/CN=C1130-c80aa9cd7fa4/emailAddress=support@cisco.com"
+ #SUBJ="/ST=California/L=San Jose/C=US/O=Cisco Systems/CN=C1130-c80aa9cd7fa4/emailAddress=support@cisco.com"
+# SUBJ="/C=US/ST=California/L=San Jose/O=airespace Inc/CN=C1130-f866f2a342fc/emailAddress=support@airespace.com"
+ SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=C1130-c80aa9cd7fa4/emailAddress=support@cisco.com"
+# SUBJ="/C=US/ST=California/L=San Jose/O=Cisco Systems/CN=C1200-c80aa9cd7fa4/emailAddress=support@cisco.com"
+
+
+fi
 DIR=./certs
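Review bot: `set -x` is switched on unconditionally in the first hunk, so every run of this certificate script traces each expanded command to stderr and into any build log that captures it; this reads like leftover debugging. Leave it commented out or gate it, for example `[ -n "$MKCERT_DEBUG" ] && set -x` (the variable name is only a suggestion). The new `OPENSSL` setting would be easier to use as `OPENSSL="${OPENSSL:-openssl}"`, so that selecting the bundled binary from the commented-out line does not require editing the script. That commented path names an OpenSSL 1.0.1 build, a release line that no longer receives fixes, so a comment saying why it might still be needed would help.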
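Review bot: The subject added for the `simple` prefix in the second hunk ends in `mailAddress=`, while every other subject in the file uses `emailAddress=`. openssl does not know that attribute name, so depending on the version the field is skipped or the request fails; the line should end `/CN=C1130-908d43460000/emailAddress=7u83@mail.ru"`. As far as the visible lines show, `PREF="$2"` in the same block is a no-op, because PREF already holds `$2`. The CN values in these blocks are fixed device names, so every certificate issued under a prefix carries the same CN whatever `$NAME` is. Taking the CN from an argument, and dropping the commented-out `SUBJ` variants in the `cisco-ap` block, would make the intent clearer.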
@@ -35,30 +56,43 @@ then
 fi
-openssl req -nodes -newkey rsa:$KEYSIZE -keyout $DIR/$NAME.key -out $DIR/$NAME.req \
+$OPENSSL req -nodes -newkey rsa:$KEYSIZE -keyout $DIR/$NAME.key -out $DIR/$NAME.req \
 -subj "$SUBJ"
-if [ "$PREF" = "simple" ]
+if [ "$2" = "simple" ]
 then
-openssl ca -config openssl-simple.cnf \
+$OPENSSL ca -config openssl-simple.cnf \
 -keyfile $ROOT_CA_DIR/${PREF}-root-ca.key \
 -cert $ROOT_CA_DIR/${PREF}-root-ca.crt \
 -batch \
 -out $DIR/$NAME.crt -infiles $DIR/$NAME.req
-openssl x509 -in $DIR/$NAME.crt -out $DIR/$NAME.pem
+$OPENSSL x509 -in $DIR/$NAME.crt -out $DIR/$NAME.pem
+
+elif [ "$2" = "nocisco-ap" ]
+then
+$OPENSSL ca -config openssl-simple.cnf \
+ -keyfile $ROOT_CA_DIR/${PREF}root-ca.key \
+ -cert $ROOT_CA_DIR/${PREF}root-ca.crt \
+ -batch \
+ -out $DIR/$NAME.crt -infiles $DIR/$NAME.req
+
+$OPENSSL x509 -in $DIR/$NAME.crt -out $DIR/$NAME.pem
+
 else
-openssl ca -config openssl-int.cnf \
+$OPENSSL ca -config openssl-int.cnf \
 -keyfile $INT_CA_DIR/${PREF}int-ca.key \
 -cert $INT_CA_DIR/${PREF}int-ca.crt \
 -batch \
 -out $DIR/$NAME.crt -infiles $DIR/$NAME.req
-openssl x509 -in $DIR/$NAME.crt -out $DIR/$NAME.pem
+$OPENSSL x509 -in $DIR/$NAME.crt -out $DIR/$NAME.pem
 cat $INT_CA_DIR/${PREF}int-ca.crt >> $DIR/$NAME.pem
 cat $ROOT_CA_DIR/${PREF}root-ca.crt >> $DIR/$NAME.pem
+$OPENSSL x509 -in $INT_CA_DIR/${PREF}int-ca.crt -noout -sha1 -fingerprint
+
 fi
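Review bot: The new `elif [ "$2" = "nocisco-ap" ]` branch tests a prefix that no earlier block handles, since the block added above matches `cisco-ap`. Unless code outside the hunk rewrites PREF, that argument would make the branch look for `$ROOT_CA_DIR/nocisco-aproot-ca.key`, while `cisco-ap` itself falls through to the intermediate-CA `else` branch. If the `no` prefix is a deliberate way of disabling the root-signed path, say so in a comment such as `# root-signed AP certs disabled; rename to cisco-ap to enable`; otherwise the test should read `elif [ "$2" = "cisco-ap" ]`. The new `$OPENSSL ca` calls are also unchecked, so a failed signing still runs the `x509` conversion and, in the `else` branch, appends the CA chain to the `.pem`. Ending each signing command with `|| exit 1` and quoting `"$DIR/$NAME.crt"` (NAME comes straight from `$1`) would close both gaps.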