diff --git a/etc/cert_generator.sh b/etc/cert_generator.sh
index a558420f99a..a14a48c3d83 100755
--- a/etc/cert_generator.sh
+++ b/etc/cert_generator.sh
@@ -13,12 +13,12 @@ set -o pipefail
 #    and processed with awk.
 # 2. Rows end with `"\n`.
 # 3. Each row is split by ^" and "," into columns.
-# 4. Single and double quotes are removed from column 30.
+# 4. Single and double quotes are removed from column 32.
 # 5. If column 13 (12 in the csv file) contains `Websites`
-#    (some are Email-only), column 30 is printed, the raw certificate.
+#    (some are Email-only), column 32 is printed, the raw certificate.
 # 6. All CA certs trusted for Websites are stored into the `certs` file.
 
 url="https://ccadb-public.secure.force.com/mozilla/IncludedCACertificateReportPEMCSV"
 curl "${url}" -sSf | gawk -v RS="\"\n" -F'","|^"' \
-'{gsub("\047","",$(30));gsub("\"","",$(30));if($(13)~/Websites/)print $(30)}' \
-> certs
+'{gsub("\047","",$(32));gsub("\"","",$(32));if($(13)~/Websites/)print $(32)}' \
+> ../resources/certs