diff --git a/get_all_keys.sh b/get_all_keys.sh
index 945ba76..80e3edd 100755
--- a/get_all_keys.sh
+++ b/get_all_keys.sh
@@ -103,6 +103,35 @@ containsElement () {
    return 1
 }
 
+detect_os_1 () {
+
+   if $(which lsb_release > /dev/null 2>&1) ; then
+
+      os_dist="$(lsb_release -i | awk '{print tolower($3)}')"
+      os_version="$(lsb_release -r | awk '{print tolower($2)}')"
+      os_codename="$(lsb_release -c | awk '{print tolower($2)}')"
+
+      if [[ "$os_dist" = "debian" ]]; then
+         if $(echo "$os_version" | grep -q '\.') ; then
+            os_version=$(echo "$os_version" | cut --delimiter='.' -f1)
+         fi
+      fi
+
+   elif [[ -e "/etc/os-release" ]]; then
+
+      . /etc/os-release
+
+      os_dist=$ID
+      os_version=${VERSION_ID}
+
+   fi
+
+   # remove whitespace from os_dist and os_version
+   os_dist="${os_dist// /}"
+   os_version="${os_version// /}"
+
+}
+
 
 
 # -------------
@@ -118,6 +147,17 @@ else
 fi
 
 
+# -------------
+# --- Detect OS Version/Name/..
+# -------------
+
+# -    os_dist
+# -    os_version
+# -    os_codename
+
+detect_os_1
+
+
 # -------------
 # --- Read Configurations from $conf_file
 # -------------
@@ -259,7 +299,13 @@ if $EASYRSA_LAYOUT_NEW ; then
       _serial="$(basename "$_cert")"
       _serial="${_serial%.*}"
 
-      _cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | grep -oE "CN\s*=\s*[^,]+" | awk '{print$3}')"
+      if [[ "$os_dist" = "debian" ]] && [[ $os_version -ge 13 ]] ; then
+         #_cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | grep -oP 'CN=\K[^,]+')"
+         _cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | sed -n 's/.*CN=\([^,]*\).*/\1/p')"
+      else
+         _cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | grep -oE "CN\s*=\s*[^,]+" | awk '{print$3}')"
+      fi
+
       if ! containsElement "$_cn" "${all_cn_arr[@]}" ; then
          all_arr+=("${_serial}:$(trim $_cn)")
          all_cn_arr+=("$(trim $_cn)")
@@ -275,7 +321,13 @@ else
       _serial="$(basename "$_cert")"
       _serial="${_serial%.*}"
 
-      _cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | grep -oE "CN\s*=\s*[^,]+" | awk '{print$3}')"
+      if [[ "$os_dist" = "debian" ]] && [[ $os_version -ge 13 ]] ; then
+         #_cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | grep -oP 'CN=\K[^,]+')"
+         _cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | sed -n 's/.*CN=\([^,]*\).*/\1/p')"
+      else
+         _cn="$(openssl x509  -noout -text -in $_cert | grep Subject: | grep -oE "CN\s*=\s*[^,]+" | awk '{print$3}')"
+      fi
+
       all_arr+=("${_serial}:$(trim $_cn)")
       if ! containsElement "${_serial}:$(trim $_cn)" "${revoked_arr[@]}" ; then
          active_arr+=("${_serial}:$(trim $_cn)")