diff --git a/apps/gmca/gmca b/apps/gmca/gmca
index 29a10757..83299cc4 100755
--- a/apps/gmca/gmca
+++ b/apps/gmca/gmca
@@ -234,7 +234,7 @@ function signenccsr {
 common_name=$1
 csrfile="$ca_csr_dir/$common_name.csr"
 subject="$user_dn_enc_prefix/CN=$common_name"
- gmssl ca -config ./signenccsr.cnf -batch -subj=$subject -md $md -days 365 -outdir $ca_usercert_dir -infiles "$csrfile"
+ gmssl ca -config ./signenccsr.cnf -batch -subj=$subject -md $md -days 365 -outdir $ca_cert_dir -infiles "$csrfile"
 }

 function gencert {
@@ -277,7 +277,7 @@ function listcertsbyname {
 function getcertbyserial {
 #FIXME: check argument exist
 local serial=$1
- local cerfile=$ca_cert_dir/$serial.pem
+ local certfile=$ca_cert_dir/$serial.pem
 gmssl x509 -in $certfile
 }

@@ -320,6 +320,12 @@ function _revokecertfile {
 #gmssl ca -config ./ca.cnf -valid $certfile
 }

+function revokecertbyname {
+ common_name=$1
+ serial=`awk -F'\t' '{print $2,$4,$6}' $ca_index_file | grep -E "CN=$common_name$" | awk '{print $2}'`
+ _revokecertfile "$ca_cert_dir/$serial.pem"
+}
+
 function revokecertbyserial {
 serial=$1
 _revokecertfile "$ca_cert_dir/$serial.pem"
@@ -408,6 +414,12 @@ case $opt in
 shift
 shift
 ;;
+ -signenccsr)
+ common_name="$2"
+ signenccsr "$common_name"
+ shift
+ shift
+ ;;
 -rejectcsr)
 common_name="$2"
 rejectcsr "$common_name"
@@ -420,6 +432,12 @@ case $opt in
 shift
 shift
 ;;
+ -genenccert)
+ common_name="$2"
+ genenccert $common_name
+ shift
+ shift
+ ;;
 -listcerts)
 listcerts
 shift
@@ -452,6 +470,12 @@ case $opt in
 revokereasons
 shift
 ;;
+ -revokecertbyname)
+ name="$2"
+ revokecertbyname "$name"
+ shift
+ shift
+ ;;
 -revokecert)
 certfile="$2"
 revokebycert "$certfile"
diff --git a/apps/gmca/signcsr.cnf b/apps/gmca/signcsr.cnf
index ff9e22dc..6f784d0d 100644
--- a/apps/gmca/signcsr.cnf
+++ b/apps/gmca/signcsr.cnf
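Review bot: The changed `gmssl ca` line in signenccsr still expands `$subject`, `$md` and `$ca_cert_dir` unquoted, and `$subject` ends in the `common_name` taken from the command line, so a name containing whitespace or glob characters is split into extra arguments to the CA signing command. Quote the expansions: `-subj="$subject" -md "$md" -days 365 -outdir "$ca_cert_dir"`. The same applies to `gmssl x509 -in $certfile` in getcertbyserial and to `genenccert $common_name` in the new `-genenccert` arm, whose sibling arms already quote their argument. `common_name` also goes into the CSR path as-is; whether it is validated before reaching this function is not visible in the hunk.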
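Review bot: revokecertbyname interpolates `$common_name` into the `grep -E` pattern and assumes exactly one match, so regex metacharacters in the name can match other subjects, and zero or several matching index entries (re-issued, already revoked, or a signing and an encryption certificate sharing the CN) leave `$serial` empty or multi-line and the path handed to `_revokecertfile` wrong. A revocation that silently misses its target leaves the certificate trusted, so the lookup should compare the CN literally, consider only valid (`V`) entries, and fail loudly when nothing matches. `common_name` and `serial` should also be `local`, as in getcertbyserial, and `$ca_index_file` quoted. The sketch below revokes every valid match; if exactly one is expected, return an error when more than one serial is found instead.

```shell
function revokecertbyname {
  local common_name=$1 serials serial
  # Literal comparison of the subject's tail; only entries still marked valid.
  serials=$(awk -F'\t' -v cn="$common_name" '
    $1 == "V" && substr($6, length($6) - length(cn) - 3) == ("/CN=" cn) { print $4 }
  ' "$ca_index_file")
  if [ -z "$serials" ]; then
    echo "no valid certificate found for CN=$common_name" >&2
    return 1
  fi
  # Serials are hex strings, so splitting the list on whitespace is safe here.
  for serial in $serials; do
    _revokecertfile "$ca_cert_dir/$serial.pem"
  done
}
```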
@@ -186,6 +186,7 @@ basicConstraints=CA:FALSE # This is typical in keyUsage for a client certificate. # keyUsage = nonRepudiation, digitalSignature, keyEncipherment +keyUsage = digitalSignature # This will be displayed in Netscape's comment listbox. nsComment = "OpenSSL Generated Certificate" diff --git a/apps/gmca/signenccsr.cnf b/apps/gmca/signenccsr.cnf index ea9542aa..2a21fd42 100644 --- a/apps/gmca/signenccsr.cnf +++ b/apps/gmca/signenccsr.cnf @@ -15,7 +15,7 @@ default_ca = CA_default # The default ca section #################################################################### [ CA_default ] -dir = ./demoCA # Where everything is kept +dir = .ca # Where everything is kept certs = $dir/certs # Where the issued certs are kept crl_dir = $dir/crl # Where the issued crl are kept database = $dir/index.txt # database index file.
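Review bot: The `keyUsage = digitalSignature` line added in signcsr.cnf is not marked critical, so software that does not process the extension may ignore the signing-only restriction; RFC 5280 recommends that CAs mark keyUsage critical when it is present. Consider `keyUsage = critical, digitalSignature`. The section this line belongs to starts above the hunk. If the encryption profile in signenccsr.cnf sets its own keyUsage, the same applies there, but that line is not part of this diff.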