safe_domain_name(cn),# common name, which should be filename safe because it is IDNA-encoded, but in case of a malformed cert make sure it's ok to use as a filename
cert.not_valid_after.date().isoformat().replace("-",""),# expiration date
cert.not_valid_after.date().isoformat().replace("-",""),# expiration date