diff --git a/controllers/kafkauser_controller.go b/controllers/kafkauser_controller.go
index 6409e55c9..2a7df7856 100644
--- a/controllers/kafkauser_controller.go
+++ b/controllers/kafkauser_controller.go
@@ -238,9 +238,9 @@ func (r *KafkaUserReconciler) Reconcile(ctx context.Context, request reconcile.R
 				return requeueWithError(reqLogger, "failed to reconcile user secret", err)
 			}
 		}
-		kafkaUser, err = user.DN()
+		kafkaUser, err = user.GetDistinguishedName()
 		if err != nil {
-			reqLogger.Error(err, "could not get Distinguished Name from the generated TLS certificate")
+			reqLogger.Error(err, "could not get Distinguished Name from the generated TLS certificate", "cert", string(user.Certificate))
 			return ctrl.Result{
 				Requeue: false,
 			}, err
diff --git a/pkg/util/pki/common.go b/pkg/util/pki/common.go
index 54961562d..9668ba0a9 100644
--- a/pkg/util/pki/common.go
+++ b/pkg/util/pki/common.go
@@ -93,8 +93,8 @@ type UserCertificate struct {
 	Password    []byte
 }
 
-// DN returns the Distinguished Name of a TLS certificate
-func (u *UserCertificate) DN() (string, error) {
+//  GetDistinguishedName returns the Distinguished Name of a TLS certificate
+func (u *UserCertificate) GetDistinguishedName() (string, error) {
 	// cert has already been validated so we can assume no error
 	cert, err := certutil.DecodeCertificate(u.Certificate)
 	if err != nil {
diff --git a/pkg/util/pki/pki_common_test.go b/pkg/util/pki/pki_common_test.go
index 2cb6508cc..586e91fd7 100644
--- a/pkg/util/pki/pki_common_test.go
+++ b/pkg/util/pki/pki_common_test.go
@@ -42,7 +42,7 @@ func TestDN(t *testing.T) {
 	userCert := &UserCertificate{
 		Certificate: cert,
 	}
-	dn, err := userCert.DN()
+	dn, err := userCert.GetDistinguishedName()
 	if err != nil {
 		t.Errorf("error should be nil, got: %s", err)
 	}