diff --git a/src/ksigner.in b/src/ksigner.in
index bfda0f5..78c4535 100644
--- a/src/ksigner.in
+++ b/src/ksigner.in
@@ -21,6 +21,8 @@ KEY_PUB="MOK.pem"
 KEY_PRIV="MOK.priv"
 KEY_DER="MOK.der"
 
+KEY_SUBJ="/O=ksigner/OU=KSigner Secure Boot/CN=ksigner"
+
 REQUIRED_BINARIES=(
 	"openssl"
 	"mokutil"
@@ -142,9 +144,10 @@ setup_signing_keys() {
 	# Step 1: Create the signing keys
 	log "[Step 1] Creating signing keys..."
 	openssl req -new -x509 -newkey rsa:4096 \
-		-keyout $KEY_PRIV \
-		-outform DER -out $KEY_DER \
-		-nodes -days $KEY_LIFETIME_DAYS -subj "/CN=Kernel Signing/" ||
+		-keyout "$KEY_PRIV" \
+		-outform DER -out "$KEY_DER" \
+		-nodes -days "$KEY_LIFETIME_DAYS" \
+		-subj "$KEY_SUBJ" ||
 		panic "[Step 1] Failed to create signing keys"
 
 	# Step 2: Convert the keys to PEM format