diff --git a/check_ssl_certs b/check_ssl_certs
index 82532c48083d61c467cb349d87f6025459feab44..1a1eab9ebcc146bee10e7456f58c34ad4ce890b7 100755
--- a/check_ssl_certs
+++ b/check_ssl_certs
@@ -11,9 +11,10 @@
 #
 # ----------------------------------------------------------------------
 # 2021-10-06  v0.1  <axel.hahn@iml.unibe.ch>  initial version
+# 2022-03-16  v0.2  <axel.hahn@iml.unibe.ch>  shell fixes; shorten perfdata label
 # ======================================================================
 
-. `dirname $0`/inc_pluginfunctions
+. $(dirname $0)/inc_pluginfunctions
 
 typeset -i iWarn=14
 typeset -i iCrit=5
@@ -27,6 +28,9 @@ fullstatus=""
 
 filelist="/etc/ssl/certs/*.cert.cer"
 
+# remove dommain in label in performance data
+myDomain=".iml.unibe.ch"
+
 # ----------------------------------------------------------------------
 # functions
 # ----------------------------------------------------------------------
@@ -45,7 +49,7 @@ Check locally installed SSL client certificates and warn if the
 expiration date comes closer. 
 
 SYNTAX:
-`basename $0` [-w WARN_LIMIT] [-c CRITICAL_LIMIT] [-f "FILELIST"]
+$(basename $0) [-w WARN_LIMIT] [-c CRITICAL_LIMIT] [-f "FILELIST"]
 
 OPTIONS:
 
@@ -64,11 +68,11 @@ PARAMETERS:
 
 EXAMPLE:
 
-    `basename $0` -f "/etc/ssl/certs/*example.com.*.cer /somewhere/else/*.cer"
+    $(basename $0) -f "/etc/ssl/certs/*example.com.*.cer /somewhere/else/*.cer"
         Set 2 folders where to find the client certificates.
         They are seperated by space and both use * for globbing
 
-    `basename $0` -w 30 -c 3 
+    $(basename $0) -w 30 -c 3 
         Overide the warning and critical level.
 
 EOF
@@ -95,9 +99,9 @@ ph.require openssl
 
 
 # --- override from command line params
-filelist=`ph.getValueWithParam "$filelist" f "$@"`
-iWarn=`   ph.getValueWithParam $iWarn      w "$@"`
-iCrit=`   ph.getValueWithParam $iCrit      c "$@"`
+filelist=$(ph.getValueWithParam "$filelist" f "$@")
+iWarn=$(   ph.getValueWithParam $iWarn      w "$@")
+iCrit=$(   ph.getValueWithParam $iCrit      c "$@")
 
 
 # ----- check cert files
@@ -114,6 +118,8 @@ do
         iCounter=$iCounter+1
         data=$(openssl x509 -noout -text -in $mycert 2>/dev/null )
         mySubject=$( echo "$data" | grep "Subject:\ CN\ =\ " | grep -v "," | cut -f 2- -d "=" | cut -c 2- )
+        
+        mySubject2="${mySubject//${myDomain}}"
         if [ -z "$mySubject" ]; then
                 bHasWarning=true
                 fullstatus="${fullstatus}
@@ -142,7 +148,7 @@ do
             fi
             shortstatus="${shortstatus}${result} ${mySubject} [${iLeft}d] ; "
             fullstatus="${fullstatus}
------ [$iCounter of $iTotal] ${mySubject} - expires in $iLeft days
+----- [$iCounter of $iTotal] ${mySubject} - expires in $iLeft days $mySubject2
 $( echo "$data" | grep -E "(DNS:|Issuer:|Not\ |Subject:)" | sed 's#^\ *##g')
 File: $mycert
 "