diff --git a/rcgen/src/certificate.rs b/rcgen/src/certificate.rs
index ab10a7c1..ece0feaf 100644
--- a/rcgen/src/certificate.rs
+++ b/rcgen/src/certificate.rs
@@ -158,13 +158,13 @@ impl CertificateParams {
 	pub fn signed_by(
 		self,
 		public_key: &impl PublicKeyData,
-		issuer: &impl AsRef<CertificateParams>,
+		issuer: &Certificate,
 		issuer_key: &KeyPair,
 	) -> Result<Certificate, Error> {
 		let issuer = Issuer {
-			distinguished_name: &issuer.as_ref().distinguished_name,
-			key_identifier_method: &issuer.as_ref().key_identifier_method,
-			key_usages: &issuer.as_ref().key_usages,
+			distinguished_name: &issuer.params.distinguished_name,
+			key_identifier_method: &issuer.params.key_identifier_method,
+			key_usages: &issuer.params.key_usages,
 			key_pair: issuer_key,
 		};
 
diff --git a/rcgen/src/crl.rs b/rcgen/src/crl.rs
index 373bab15..1e7777f4 100644
--- a/rcgen/src/crl.rs
+++ b/rcgen/src/crl.rs
@@ -9,7 +9,7 @@ use yasna::Tag;
 use crate::ENCODE_CONFIG;
 use crate::{
 	oid, write_distinguished_name, write_dt_utc_or_generalized,
-	write_x509_authority_key_identifier, write_x509_extension, CertificateParams, Error, Issuer,
+	write_x509_authority_key_identifier, write_x509_extension, Certificate, Error, Issuer,
 	KeyIdMethod, KeyPair, KeyUsagePurpose, SerialNumber,
 };
 
@@ -190,7 +190,7 @@ impl CertificateRevocationListParams {
 	/// Including a signature from the issuing certificate authority's key.
 	pub fn signed_by(
 		self,
-		issuer: &impl AsRef<CertificateParams>,
+		issuer: &Certificate,
 		issuer_key: &KeyPair,
 	) -> Result<CertificateRevocationList, Error> {
 		if self.next_update.le(&self.this_update) {
@@ -198,9 +198,9 @@ impl CertificateRevocationListParams {
 		}
 
 		let issuer = Issuer {
-			distinguished_name: &issuer.as_ref().distinguished_name,
-			key_identifier_method: &issuer.as_ref().key_identifier_method,
-			key_usages: &issuer.as_ref().key_usages,
+			distinguished_name: &issuer.params.distinguished_name,
+			key_identifier_method: &issuer.params.key_identifier_method,
+			key_usages: &issuer.params.key_usages,
 			key_pair: issuer_key,
 		};
 
diff --git a/rcgen/src/csr.rs b/rcgen/src/csr.rs
index 336c491c..ebe1b0f4 100644
--- a/rcgen/src/csr.rs
+++ b/rcgen/src/csr.rs
@@ -194,8 +194,7 @@ impl CertificateSigningRequestParams {
 	///
 	/// The returned certificate will have its issuer field set to the subject of the provided
 	/// `issuer`, and the authority key identifier extension will be populated using the subject
-	/// public key of `issuer` (typically either a [`CertificateParams`] or
-	/// [`Certificate`]). It will be signed by `issuer_key`.
+	/// public key of `issuer`. It will be signed by `issuer_key`.
 	///
 	/// Note that no validation of the `issuer` certificate is performed. Rcgen will not require
 	/// the certificate to be a CA certificate, or have key usage extensions that allow signing.
@@ -204,13 +203,13 @@ impl CertificateSigningRequestParams {
 	/// [`Certificate::pem`].
 	pub fn signed_by(
 		self,
-		issuer: &impl AsRef<CertificateParams>,
+		issuer: &Certificate,
 		issuer_key: &KeyPair,
 	) -> Result<Certificate, Error> {
 		let issuer = Issuer {
-			distinguished_name: &issuer.as_ref().distinguished_name,
-			key_identifier_method: &issuer.as_ref().key_identifier_method,
-			key_usages: &issuer.as_ref().key_usages,
+			distinguished_name: &issuer.params.distinguished_name,
+			key_identifier_method: &issuer.params.key_identifier_method,
+			key_usages: &issuer.params.key_usages,
 			key_pair: issuer_key,
 		};