diff --git a/enos/modules/verify_secrets_engines/modules/create/pki.tf b/enos/modules/verify_secrets_engines/modules/create/pki.tf index 49d530ca6c1e..69d204b4970b 100644 --- a/enos/modules/verify_secrets_engines/modules/create/pki.tf +++ b/enos/modules/verify_secrets_engines/modules/create/pki.tf @@ -8,13 +8,13 @@ locals { pki_common_name = "common" pki_default_ttl = "72h" pki_test_data_path_prefix = "smoke" - tmp_test_results = "tmp_test_results" + pki_tmp_test_results = "tmp-test-results" // Output pki_output = { mount = local.pki_mount common_name = local.pki_common_name - test_results = local.tmp_test_results + test_results = local.pki_tmp_test_results } test = { @@ -58,7 +58,7 @@ resource "enos_remote_exec" "pki_issue_certificates" { COMMON_NAME = local.pki_common_name ISSUER_NAME = local.pki_issuer_name TTL = local.pki_default_ttl - TMP_TEST_RESULTS = local.tmp_test_results + TMP_TEST_RESULTS = local.pki_tmp_test_results } scripts = [abspath("${path.module}/../../scripts/kv-pki-issue-certificates.sh")] diff --git a/enos/modules/verify_secrets_engines/modules/read/pki.tf b/enos/modules/verify_secrets_engines/modules/read/pki.tf index 4dff25a2e7a3..cf51ff5e483f 100644 --- a/enos/modules/verify_secrets_engines/modules/read/pki.tf +++ b/enos/modules/verify_secrets_engines/modules/read/pki.tf @@ -8,13 +8,13 @@ locals { pki_common_name = "common" pki_default_ttl = "72h" pki_test_data_path_prefix = "smoke" - tmp_test_results = "tmp_test_results" + pki_tmp_test_results = "tmp-test-results" // Output pki_output = { mount = local.pki_mount common_name = local.pki_common_name - test_results = local.tmp_test_results + test_results = local.pki_tmp_test_results } test = { 
@@ -38,7 +38,7 @@ resource "enos_remote_exec" "pki_verify_certificates" { COMMON_NAME = local.pki_common_name ISSUER_NAME = local.pki_issuer_name TTL = local.pki_default_ttl - TMP_TEST_RESULTS = local.tmp_test_results + TMP_TEST_RESULTS = local.pki_tmp_test_results } scripts = [abspath("${path.module}/../../scripts/kv-pki-verify-certificates.sh")] diff --git a/enos/modules/verify_secrets_engines/scripts/kv-pki-issue-certificates.sh b/enos/modules/verify_secrets_engines/scripts/kv-pki-issue-certificates.sh index 55f12262ca3a..9d05aa9ddce1 100755 --- a/enos/modules/verify_secrets_engines/scripts/kv-pki-issue-certificates.sh +++ b/enos/modules/verify_secrets_engines/scripts/kv-pki-issue-certificates.sh @@ -26,6 +26,7 @@ export VAULT_FORMAT=json CA_NAME="${MOUNT}.pem" SIGNED_CERT_NAME="${MOUNT}-signed.pem" ROLE_NAME="${COMMON_NAME}-role" +SUBJECT="test.${COMMON_NAME}" TMP_TTL="1h" rm -rf "${TMP_TEST_RESULTS}" mkdir "${TMP_TEST_RESULTS}" @@ -38,7 +39,7 @@ mkdir "${TMP_TEST_RESULTS}" # Creating a role "$binpath" write "${MOUNT}/roles/${ROLE_NAME}" allowed_domains="${COMMON_NAME}.com" allow_subdomains=true max_ttl="${TMP_TTL}" # Issuing Signed Certificate -"$binpath" write "${MOUNT}/issue/${ROLE_NAME}" common_name="test.${COMMON_NAME}.com" ttl="${TMP_TTL}" | jq -r '.data.certificate' > "${TMP_TEST_RESULTS}/${SIGNED_CERT_NAME}" +"$binpath" write "${MOUNT}/issue/${ROLE_NAME}" common_name="${SUBJECT}.com" ttl="${TMP_TTL}" | jq -r '.data.certificate' > "${TMP_TEST_RESULTS}/${SIGNED_CERT_NAME}" # ------ Generate and sign intermediate ------ INTERMEDIATE_COMMON_NAME="intermediate-${COMMON_NAME}" diff --git a/enos/modules/verify_secrets_engines/scripts/kv-pki-verify-certificates.sh b/enos/modules/verify_secrets_engines/scripts/kv-pki-verify-certificates.sh index a3ca877f912a..29af5d8a3fd3 100755 --- a/enos/modules/verify_secrets_engines/scripts/kv-pki-verify-certificates.sh +++ b/enos/modules/verify_secrets_engines/scripts/kv-pki-verify-certificates.sh 
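Review bot: `SUBJECT="test.${COMMON_NAME}"` in the first kv-pki-issue-certificates.sh hunk stops short of the TLD, so `.com` is still appended at the issue call (`common_name="${SUBJECT}.com"`) and spelled again in the role's `allowed_domains="${COMMON_NAME}.com"`; if one of those drifts the role rejects the request instead of the test catching a mismatch. Defining the domain once, `DOMAIN="${COMMON_NAME}.com"` and `SUBJECT="test.${DOMAIN}"`, then using `allowed_domains="${DOMAIN}"` and `common_name="${SUBJECT}"`, keeps the role and the issued CN in step. The verify script only receives COMMON_NAME through the enos_remote_exec environment, so it cannot assert the leaf's CN exactly; exporting SUBJECT alongside TMP_TEST_RESULTS in the read-side pki.tf would allow that. The remainder of the script is outside these hunks.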
@@ -39,21 +39,36 @@ VAULT_CERTS=$("$binpath" list -format=json "${MOUNT}/certs" | jq -r '.[]') [[ -z "$VAULT_CERTS" ]] && fail "VAULT_CERTS should include vault certificates" # Verifying Certificates +TMP_FILE="tmp-vault-cert.pem" +REVOKED_CERTS=() for CERT in $VAULT_CERTS; do - echo "Getting Certificate from Vault PKI: ${CERT}" - "$binpath" read "${MOUNT}/cert/${CERT}" | jq -r '.data.certificate' > "${TMP_TEST_RESULTS}/tmp_vault_cert.pem" - echo "Verifying Certificate..." - openssl x509 -in "${TMP_TEST_RESULTS}/tmp_vault_cert.pem" -text -noout || fail "The certificate appears to be improperly configured or contains errors" - echo "Successfully Verified Certificate" + echo "Getting certificate from Vault PKI: ${CERT}" + "$binpath" read "${MOUNT}/cert/${CERT}" | jq -r '.data.certificate' > "${TMP_TEST_RESULTS}/${TMP_FILE}" + echo "Verifying certificate..." + openssl x509 -in "${TMP_TEST_RESULTS}/${TMP_FILE}" -text -noout || fail "The certificate appears to be improperly configured or contains errors" + CURR_CERT_SERIAL=$(echo "${CERT}" | tr -d ':' | tr '[:lower:]' '[:upper:]') + TMP_CERT_SUBJECT=$(openssl x509 -in "${TMP_TEST_RESULTS}/${TMP_FILE}" -noout -subject) + TMP_CERT_ISSUER=$(openssl x509 -in "${TMP_TEST_RESULTS}/${TMP_FILE}" -noout -issuer) + TMP_CERT_SERIAL=$(openssl x509 -in "${TMP_TEST_RESULTS}/${TMP_FILE}" -noout -serial) + [[ "${TMP_CERT_SUBJECT}" == *"${COMMON_NAME}.com"* ]] || fail "Subject is incorrect. Actual Subject: ${TMP_CERT_SUBJECT}" + [[ "${TMP_CERT_ISSUER}" == *"${COMMON_NAME}.com"* ]] || fail "Issuer is incorrect. Actual Issuer: ${TMP_CERT_ISSUER}" + [[ "${TMP_CERT_SERIAL}" == *"${CURR_CERT_SERIAL}"* ]] || fail "Certificate Serial is incorrect. 
Actual certificate Serial: ${CURR_CERT_SERIAL},${TMP_CERT_SERIAL}" + echo "Certificate successfully verified" - IS_CA=$(openssl x509 -in "${TMP_TEST_RESULTS}/tmp_vault_cert.pem" -text -noout | grep -q "CA:TRUE" && echo "TRUE" || echo "FALSE") + IS_CA=$(openssl x509 -in "${TMP_TEST_RESULTS}/${TMP_FILE}" -text -noout | grep -q "CA:TRUE" && echo "TRUE" || echo "FALSE") if [[ "${IS_CA}" == "FALSE" ]]; then - echo "Revoking Certificate: ${CERT}" + echo "Revoking certificate: ${CERT}" "$binpath" write "${MOUNT}/revoke" serial_number="${CERT}" || fail "Could not revoke certificate ${CERT}" + REVOKED_CERTS+=("$CERT") else echo "Skipping revoking step for this certificate to being a root CA Cert: ${CERT}" fi done -# Verify List Revoked Certificate -"$binpath" list -format=json "${MOUNT}/certs/revoked" | jq -r '.[]' || fail "There are no revoked certificate listed" \ No newline at end of file +echo "Verifying Revoked Certificates" +REVOKED_CERT_FROM_LIST=$("$binpath" list -format=json "${MOUNT}/certs/revoked" | jq -r '.[]') +[[ -z "$REVOKED_CERT_FROM_LIST" ]] && fail "No revoked certificates are listed." +for CERT in "${REVOKED_CERTS[@]}"; do + [[ "${REVOKED_CERT_FROM_LIST}" == *"${CERT}"* ]] || fail "Unable to locate certificate in the Vault Revoked Certificate List: ${CERT}" +done +echo "Revoked certificate successfully verified" \ No newline at end of file
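Review bot: The new subject, issuer and serial assertions are substring matches (`== *"${COMMON_NAME}.com"*`, `== *"${CURR_CERT_SERIAL}"*`), so a certificate whose CN merely contains the domain (e.g. `other-${COMMON_NAME}.com`) or whose serial differs by a prefix still passes. The serial can be compared exactly once openssl's prefix is stripped: `[[ "${TMP_CERT_SERIAL#serial=}" == "${CURR_CERT_SERIAL}" ]] || fail "Certificate Serial is incorrect. Expected: ${CURR_CERT_SERIAL}, Actual: ${TMP_CERT_SERIAL#serial=}"`. For the subject, extract the CN (`openssl x509 -noout -subject -nameopt RFC2253`) and accept only `${COMMON_NAME}.com` or a subdomain of it, which is what the role in kv-pki-issue-certificates.sh permits; the root and intermediate CNs are set outside this hunk, so their expected values need confirming before that check is tightened for CA certificates. If the script runs under `set -u`, `"${REVOKED_CERTS[@]}"` also errors on bash older than 4.4 when no leaf certificate was revoked; `(( ${#REVOKED_CERTS[@]} > 0 )) || fail "No certificate was revoked"` before the final loop guards that and keeps the revocation check from passing vacuously.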