diff --git a/base/ca/src/main/java/com/netscape/cmscore/dbs/CertificateRepository.java b/base/ca/src/main/java/com/netscape/cmscore/dbs/CertificateRepository.java
index 6721ea4fae2..538dc9095f7 100644
--- a/base/ca/src/main/java/com/netscape/cmscore/dbs/CertificateRepository.java
+++ b/base/ca/src/main/java/com/netscape/cmscore/dbs/CertificateRepository.java
@@ -1123,7 +1123,9 @@ public Enumeration<CertRecord> searchCertificates(String filter, int maxSize,
      * {@Code (&(certRecordId=5)(x509Cert.notBefore=934398398))}
      *
      * @param filter search filter
-     * @param maxSize max size to return
+     * @param timeLimit timeout value
+     * @param start first entry to return from the list
+     * @param size max size to return
      * @return a list of certificates
      * @exception EBaseException failed to search
      */
@@ -1133,7 +1135,7 @@ public Iterator<CertRecord> searchCertificates(String filter, int timeLimit, int
         ArrayList<CertRecord> records = new ArrayList<>();
         logger.debug("searchCertificates filter {filter}, start {start} and size {size}", filter, start, size);
         try (DBSSession s = dbSubsystem.createSession()) {
-            DBSearchResults sr  = s.pagedSearch(mBaseDN, filter, start, size);
+            DBSearchResults sr  = s.pagedSearch(mBaseDN, filter, start, size, timeLimit);
             while (sr.hasMoreElements()) {
                 records.add((CertRecord) sr.nextElement());
             }
diff --git a/base/ca/src/main/java/org/dogtagpki/server/ca/v2/CertServlet.java b/base/ca/src/main/java/org/dogtagpki/server/ca/v2/CertServlet.java
index ee1d5c32f76..54ff2ecf876 100644
--- a/base/ca/src/main/java/org/dogtagpki/server/ca/v2/CertServlet.java
+++ b/base/ca/src/main/java/org/dogtagpki/server/ca/v2/CertServlet.java
@@ -12,6 +12,7 @@
 import java.security.Principal;
 import java.security.PublicKey;
 import java.security.cert.X509Certificate;
+import java.text.SimpleDateFormat;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.Iterator;
@@ -26,12 +27,10 @@
 
 import org.dogtagpki.server.ca.CAEngine;
 import org.dogtagpki.server.ca.CAServlet;
-import org.dogtagpki.util.cert.CertUtil;
 import org.mozilla.jss.netscape.security.pkcs.ContentInfo;
 import org.mozilla.jss.netscape.security.pkcs.PKCS7;
 import org.mozilla.jss.netscape.security.pkcs.SignerInfo;
 import org.mozilla.jss.netscape.security.provider.RSAPublicKey;
-import org.mozilla.jss.netscape.security.util.CertPrettyPrint;
 import org.mozilla.jss.netscape.security.util.Utils;
 import org.mozilla.jss.netscape.security.x509.AlgorithmId;
 import org.mozilla.jss.netscape.security.x509.CRLExtensions;
@@ -138,11 +137,9 @@ private CertData getCertData(CertId id, Locale loc) throws Exception {
         Principal subjectDN = cert.getSubjectName();
         if (subjectDN != null) certData.setSubjectDN(subjectDN.toString());
 
-        String base64 = CertUtil.toPEM(cert);
-        certData.setEncoded(base64);
+        String base64 = Utils.base64encode(cert.getEncoded(), true);
 
-        CertPrettyPrint print = new CertPrettyPrint(cert);
-        certData.setPrettyPrint(print.toString(loc));
+        certData.setEncoded(base64);
 
         X509Certificate[] certChain = engine.getCertChain(cert);
 
@@ -159,11 +156,12 @@ private CertData getCertData(CertId id, Locale loc) throws Exception {
         String p7Str = Utils.base64encode(p7Bytes, true);
         certData.setPkcs7CertChain(p7Str);
 
+        SimpleDateFormat sdf = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z");
         Date notBefore = cert.getNotBefore();
-        if (notBefore != null) certData.setNotBefore(notBefore.toString());
+        if (notBefore != null) certData.setNotBefore(sdf.format(notBefore));
 
         Date notAfter = cert.getNotAfter();
-        if (notAfter != null) certData.setNotAfter(notAfter.toString());
+        if (notAfter != null) certData.setNotAfter(sdf.format(notAfter));
 
         certData.setRevokedOn(certRecord.getRevokedOn());
         certData.setRevokedBy(certRecord.getRevokedBy());
@@ -177,7 +175,7 @@ private CertData getCertData(CertId id, Locale loc) throws Exception {
                         revExts.get(CRLReasonExtension.NAME);
                     certData.setRevocationReason(ext.getReason().getCode());
                 } catch (X509ExtensionException e) {
-                    // nothing to do
+                    logger.debug("CRL extension error for certificate {}", id.toHexString());
                 }
             }
         }
@@ -216,9 +214,8 @@ private CertDataInfos listCerts(CertSearchRequest searchReq, int maxTime, int st
                 results.add(createCertDataInfo(rec));
             }
 
-            int total = results.size();
-            logger.info("Search results: " + total);
-            infos.setTotal(total);
+            infos.setTotal(results.size());
+            logger.info("Search results: " + results.size());
             infos.setEntries(results);
         } catch (Exception e) {
             logger.error("Unable to list certificates: " + e.getMessage(), e);