diff --git a/cert-functions.sh b/cert-functions.sh
index 3a99da8..12f1eee 100755
--- a/cert-functions.sh
+++ b/cert-functions.sh
@@ -1,3 +1,18 @@
+function make_hash_link() {
+    local CERT_PATH="$1"
+    if [[ ! -f "$CERT_PATH" ]]; then
+        echo "ERROR: Certificate file $CERT_PATH does not exist." >&2
+        return 1
+    fi
+    local CERT_DIR="$(dirname "$CERT_PATH")"
+    local HASH="$(openssl x509 -in "$CERT_PATH" -noout -hash 2>/dev/null)"
+    if [[ -z "$HASH" ]]; then
+        echo "ERROR: Failed to calculate hash for certificate $CERT_PATH." >&2
+        return 1
+    fi
+    ln -sf "$(basename "$CERT_PATH")" "$CERT_DIR/${HASH}.0"
+}
+
 function make_ca() {
     local CA_DAYS=3650 # Default validity period for CA certificates
 
@@ -79,6 +94,9 @@ function make_ca() {
             return 1
         fi
 
+        # Make a "hash" symlink for the CA certificate to allow OpenSSL to find it when verifying other certificates
+        make_hash_link "$CA_DIR/$ROOT_CA_CERT"
+
         return 0
     fi
 
@@ -104,6 +122,9 @@ function make_ca() {
         fi
     fi
 
+    # Make a "hash" symlink for the issuing CA certificate to allow OpenSSL to find it when verifying other certificates
+    make_hash_link "$CA_DIR/${CA_CERT}"
+
     return 0
 }
 
@@ -126,9 +147,18 @@ function _is_dns() {
 function make_server_cert() {
     local CA_FILE_PREFIX="ca" # Default to CA if no issuing CA is used
     local CERT_DAYS=365 # Default validity period for leaf certificates
+    local CA_DIR="" # The CA directory will default to certificate directory if not specified with --ca-dir
 
     while [[ $# -gt 0 ]]; do
         case "$1" in
+            --ca-dir)
+                if [[ -z "$2" ]]; then
+                    echo "ERROR: Missing value for --ca-dir." >&2
+                    return 1
+                fi
+                CA_DIR="$2"
+                shift 2
+                ;;
             --issuing-ca)
                 if [[ -z "$2" ]]; then
                     echo "ERROR: Missing value for --issuing-ca." >&2
@@ -157,6 +187,8 @@ function make_server_cert() {
     local CERT_SUBJECT_NAME="$2"
     shift 2
 
+    CA_DIR="${CA_DIR:-$CERT_DIR}"
+
     local CA_CERT="${CA_FILE_PREFIX}_cert.pem"
     local CA_KEY="${CA_FILE_PREFIX}_key.pem"
 
@@ -165,6 +197,11 @@ function make_server_cert() {
         return 1
     fi
 
+    if [[ -z "$CA_DIR" || ! -d "$CA_DIR" ]]; then
+        echo "ERROR: CA directory $CA_DIR does not exist." >&2
+        return 1
+    fi
+
     if [[ -z "$CERT_SUBJECT_NAME" ]]; then
         echo "ERROR: Subject name is required." >&2
         return 1
@@ -175,8 +212,8 @@ function make_server_cert() {
         return 1
     fi
 
-    if [[ ! -f "$CERT_DIR/$CA_CERT" || ! -f "$CERT_DIR/$CA_KEY" ]]; then
-        echo "ERROR: Signing CA certificate and key not found in $CERT_DIR. Please call setup a signing CA first." >&2
+    if [[ ! -f "$CA_DIR/$CA_CERT" || ! -f "$CA_DIR/$CA_KEY" ]]; then
+        echo "ERROR: Signing CA certificate and key not found in $CA_DIR. Please call setup a signing CA first." >&2
         return 1
     fi
 
@@ -222,8 +259,8 @@ function make_server_cert() {
             -addext "$SANS_EXT" \
         | openssl x509 \
             -req \
-            -CA "$CERT_DIR/$CA_CERT" \
-            -CAkey "$CERT_DIR/$CA_KEY" \
+            -CA "$CA_DIR/$CA_CERT" \
+            -CAkey "$CA_DIR/$CA_KEY" \
             -copy_extensions copyall \
             -days $CERT_DAYS \
             -text \
diff --git a/run-tests.sh b/run-tests.sh
index 10de028..25518f9 100755
--- a/run-tests.sh
+++ b/run-tests.sh
@@ -7,32 +7,40 @@ set -e
 source "$(dirname "$BASH_SOURCE[0]")/cert-functions.sh"
 
 function clean_up_test_dir() {
-    local TEST_DIR="$1"
-
-    if [[ -d "$TEST_DIR" ]]; then
-        echo "Cleaning up test directory $TEST_DIR..."
-        rm -rf "$TEST_DIR"/*
+    if [[ -d "$CERT_DIR" ]]; then
+        echo "Cleaning up test directory $CERT_DIR..."
+        rm -rf "$CERT_DIR"/*
     fi
 
-    echo "Creating test directory $TEST_DIR and ca subdirectory..."
-    mkdir -p "$TEST_DIR/ca"
+    echo "Creating test directory $CERT_DIR and ca subdirectory..."
+    mkdir -p "$CERT_DIR/ca"
 }
 
 function display_certificate() {
-    local CERT_DIR="$1"
-    local CERT_FILE="$2"
+    local CERT_PATH="$1"
 
-    echo -e "\nDisplaying generated certificate for verification ($CERT_FILE):"
+    echo -e "\nDisplaying generated certificate for verification ($CERT_PATH):"
 
     # Display the certificate details for verification
-    openssl x509 -in "$CERT_DIR/$CERT_FILE" -noout -subject -issuer -serial -hash -fingerprint
+    openssl x509 -in "$CERT_PATH" -noout -subject -issuer -serial -fingerprint
     echo
+
+    echo -e "\nVerifying certificate against the CA ($CA_DIR)..."
+
+    # Verify the certificate against the CA
+    if openssl verify -CApath "$CA_DIR" "$CERT_PATH" 2>/dev/null; then
+        echo "Certificate verification successful."
+    else
+        echo "ERROR: Certificate verification failed." >&2
+    fi
 }
 
 # Create a temporary directory for the test certificates
-TEMP_CERT_DIR="$(dirname "$BASH_SOURCE[0]")/tests"
+CERT_DIR="$(dirname "$BASH_SOURCE[0]")/tests"
+CA_DIR="$CERT_DIR/ca"
+
 # Clean up any existing files in the temporary directory
-clean_up_test_dir "$TEMP_CERT_DIR"
+clean_up_test_dir "$CERT_DIR"
 
 echo
 echo "Running tests for standalone CA..."
@@ -40,25 +48,25 @@ echo "----------------------------------"
 echo
 
 # Create a standalone CA for testing purposes
-if ! make_ca "$TEMP_CERT_DIR" "Test CA"; then
+if ! make_ca "$CA_DIR" "Test CA"; then
     echo "ERROR: Failed to create CA." >&2
     exit 1
 fi
 
 # List the generated certificates and keys for verification
-display_certificate "$TEMP_CERT_DIR" "ca_cert.pem"
+display_certificate "$CA_DIR/ca_cert.pem"
 
 # Make a server certificate signed by the CA
-if ! make_server_cert "$TEMP_CERT_DIR" "test" "test.example.com" "127.0.0.1"; then
+if ! make_server_cert --ca-dir "$CA_DIR" "$CERT_DIR" "test" "test.example.com" "127.0.0.1"; then
     echo "ERROR: Failed to create server certificate." >&2
     exit 1
 fi
 
 # List the generated server certificate and key for verification
-display_certificate "$TEMP_CERT_DIR" "test_cert.pem"
+display_certificate "$CERT_DIR/test_cert.pem"
 
 # Remove all files from the directory
-clean_up_test_dir "$TEMP_CERT_DIR"
+clean_up_test_dir "$CERT_DIR"
 
 echo
 echo "Running tests for two-level CA..."
@@ -66,29 +74,28 @@ echo "---------------------------------"
 echo
 
 # Create a new CA with pathlen 1
-if ! make_ca --path-len 1 "$TEMP_CERT_DIR" "Test Two Level CA"; then
+if ! make_ca --path-len 1 "$CA_DIR" "Test Two Level CA"; then
     echo "ERROR: Failed to create CA." >&2
     exit 1
 fi
 
 # List the generated certificates and keys for verification
-display_certificate "$TEMP_CERT_DIR" "ca_cert.pem"
+display_certificate "$CA_DIR/ca_cert.pem"
 
 # Create an issuing CA signed by the first CA
-if ! make_ca --issuing-ca "issuing_ca" "$TEMP_CERT_DIR" "Issuing CA"; then
+if ! make_ca --issuing-ca "issuing_ca" "$CA_DIR" "Issuing CA"; then
     echo "ERROR: Failed to create issuing CA." >&2
     exit 1
 fi
 
 # List the generated certificates and keys for verification
-display_certificate "$TEMP_CERT_DIR" "issuing_ca_cert.pem"
+display_certificate "$CA_DIR/issuing_ca_cert.pem"
 
 # Make a server certificate signed by the CA
-if ! make_server_cert --issuing-ca "issuing_ca" "$TEMP_CERT_DIR" "test" "test.example.com" "127.0.0.1"; then
+if ! make_server_cert --ca-dir "$CA_DIR" --issuing-ca "issuing_ca" "$CERT_DIR" "test" "test.example.com" "127.0.0.1"; then
     echo "ERROR: Failed to create server certificate." >&2
     exit 1
 fi
 
 # List the generated server certificate and key for verification
-display_certificate "$TEMP_CERT_DIR" "test_cert.pem"
-
+display_certificate "$CERT_DIR/test_cert.pem"