diff --git a/main.go b/main.go
index 09c31e5..259748a 100644
--- a/main.go
+++ b/main.go
@@ -94,14 +94,6 @@ func GenerateCA(config *CAConfig) ([]byte, []byte, error) {
 	return certPEM, keyPEM, nil
 }
 
-func FileMode(secure bool) os.FileMode {
-	if secure {
-		return 0600 // Read/write for owner only
-	} else {
-		return 0644 // Read/write for owner, read for group and others
-	}
-}
-
 func SavePEM(filename string, data []byte, secure bool, overwrite bool) error {
 	if !overwrite {
 		if _, err := os.Stat(filename); err == nil {
@@ -110,8 +102,12 @@ func SavePEM(filename string, data []byte, secure bool, overwrite bool) error {
 			return fmt.Errorf("could not check file %s: %v", filename, err)
 		}
 	}
-	mode := FileMode(secure)
-	return os.WriteFile(filename, data, mode)
+
+	if secure {
+		return os.WriteFile(filename, data, 0600) // Read/write for owner only
+	} else {
+		return os.WriteFile(filename, data, 0644) // Read/write for owner, read for group and others
+	}
 }
 
 // Validate checks required fields and sets defaults for CAConfig