diff --git a/src/authm_mad/remotes/x509/x509_auth.rb b/src/authm_mad/remotes/x509/x509_auth.rb
index 5a12f6a3ba..43ffce6127 100644
--- a/src/authm_mad/remotes/x509/x509_auth.rb
+++ b/src/authm_mad/remotes/x509/x509_auth.rb
@@ -40,11 +40,11 @@ class X509Auth
 :ca_dir => nil
 }.merge!(options)
- @cert_chain = certs_pem.collect do |cert_pem|
+ @cert_chain = @options[:certs_pem].collect do |cert_pem|
 OpenSSL::X509::Certificate.new(cert_pem)
 end
- if key_pem
+ if @options[:key_pem]
 @key = OpenSSL::PKey::RSA.new(key_pem)
 end
 end
@@ -57,7 +57,12 @@ class X509Auth
 # By default it is valid as long as the certificate is valid. It can
 # be change to any number of seconds with expire parameter (sec.)
 def login(user, expire=0)
- write_login(login_token(user,expire)
+ write_login(login_token(user,expire))
+ end
+
+ # Returns the dn of the user certificate
+ def dn
+ @cert_chain[0].subject.to_s
 end
 # Generates a login token in the form:
diff --git a/src/cli/one_helper/oneuser_helper.rb b/src/cli/one_helper/oneuser_helper.rb
index c0033c8e9f..999755ec98 100644
--- a/src/cli/one_helper/oneuser_helper.rb
+++ b/src/cli/one_helper/oneuser_helper.rb
@@ -66,7 +66,8 @@ class OneUserHelper < OpenNebulaHelper::OneHelper
 options[:cert] ||= ENV['X509_USER_CERT']
 begin
- x509auth = X509Auth.new(:cert=>options[:cert])
+ cert = [File.read(options[:cert])]
+ x509auth = X509Auth.new(:certs_pem=>cert)
 rescue Exception => e
 return -1, e.message
 end
diff --git a/src/cli/oneuser b/src/cli/oneuser
index 4beb1bb7a2..2394319ae8 100755
--- a/src/cli/oneuser
+++ b/src/cli/oneuser
@@ -87,6 +87,7 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 CERT={
 :name => "cert",
+ :short => "-c path_to_user_cert_pem",
 :large => "--cert path_to_user_cert_pem",
 :format => String,
 :description => "Path to the Certificate of the User"
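Review bot: In the first x509_auth.rb hunk, the unchanged line `@key = OpenSSL::PKey::RSA.new(key_pem)` still reads the bare name `key_pem`, while the guard above it now tests `@options[:key_pem]`. The method signature is outside the hunk, but if `key_pem` is no longer a parameter, supplying a key raises NameError instead of loading it; the line should read `@key = OpenSSL::PKey::RSA.new(@options[:key_pem])`. The new `@options[:certs_pem].collect` also has no guard for a missing `:certs_pem`, so a caller that passes none would get a NoMethodError on nil rather than a readable error; an explicit `raise ArgumentError, "certs_pem is required" unless @options[:certs_pem]` before the loop would make that failure clear.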
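Review bot: The new `dn` method indexes `@cert_chain[0]` without checking that the chain is non-empty, so an instance built from an empty `:certs_pem` list fails here with a NoMethodError on nil rather than at construction. The comment should also say which certificate and which string form is returned, and that nothing is verified in this method, for example `# Returns the subject DN of the first certificate in the chain, in OpenSSL's to_s form; the certificate is not validated here`. Callers that use the string as an identity need both facts.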
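Review bot: In the oneuser_helper.rb hunk, `File.read(options[:cert])` runs even when neither `--cert` nor `X509_USER_CERT` is set, so `options[:cert]` is nil and the user gets the TypeError text from the `rescue` rather than a message about the missing certificate path. A guard before the `begin`, such as `return -1, "No certificate path given" unless options[:cert]`, would make that case explicit. The existing `rescue Exception => e` also catches interrupts and exit requests; `rescue StandardError => e` is the narrower form. The enclosing method starts and ends outside the hunk.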
@@ -143,7 +144,7 @@ cmd=CommandParser::CmdParser.new(ARGV) do
 command :create, create_desc, :username, [:password, nil], :options=>create_options do
- if args[1].nil?
+ if options[:ssh] or options[:x509]
 rc = helper.password(options)
 if rc.first == 0
 pass = rc[1]
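Review bot: The new condition `if options[:ssh] or options[:x509]` no longer covers a `create` call that has neither flag and no password argument, which the removed `args[1].nil?` test used to route into `helper.password`. The rest of the `if` is outside the hunk, so this is inferred, but if the other branch uses `args[1]` directly, the user would be created with a nil password. An explicit branch such as `elsif args[1].nil?` that exits with an error would close that case. It would also help to state in the command description that a password argument is ignored when `--ssh` or `--x509` is given, if that is the intent.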