diff --git a/Dockerfile b/Dockerfile
index c2c93436..7f5b923c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,6 +17,8 @@ RUN apt-get update \
 # ADD bootstrap files
 ADD ./bootstrap /bootstrap
 
+ARG CERT_SAN
+
 # Initialize LDAP with data
 RUN /bin/bash /bootstrap/slapd-init.sh
 
diff --git a/bootstrap/slapd-init.sh b/bootstrap/slapd-init.sh
index 6cca0f9f..a7852ff7 100644
--- a/bootstrap/slapd-init.sh
+++ b/bootstrap/slapd-init.sh
@@ -12,6 +12,8 @@ readonly LDAP_SECRET=GoodNewsEveryone
 readonly LDAP_SSL_KEY="/etc/ldap/ssl/ldap.key"
 readonly LDAP_SSL_CERT="/etc/ldap/ssl/ldap.crt"
 
+readonly CERT_SAN="${CERT_SAN:-DNS:${LDAP_DOMAIN}}"
+
 reconfigure_slapd() {
 echo "Reconfigure slapd..."
 
@@ -38,6 +40,7 @@ EOL
 make_snakeoil_certificate() {
 echo "Make snakeoil certificate for ${LDAP_DOMAIN}..."
 openssl req -subj "/CN=${LDAP_DOMAIN}" \
+ -addext "subjectAltName = ${CERT_SAN}" \
 -new \
 -newkey rsa:2048 \
 -days 365 \
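Review bot: `ARG CERT_SAN` is declared without any comment on its format or on the fact that it is optional, so someone building the image has to read slapd-init.sh to learn what to pass. A line above it such as `# Optional subjectAltName list for the generated certificate, e.g. "DNS:ldap.example.test,IP:127.0.0.1" (constructed sample); slapd-init.sh falls back to DNS:<LDAP_DOMAIN>` would cover it. It is also worth stating that the value reaches the script only because build arguments are exposed as environment variables to the following `RUN`, so the `ARG` must stay above that instruction.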
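Review bot: Setting CERT_SAN replaces the `DNS:${LDAP_DOMAIN}` default rather than extending it, so a build that passes only extra names produces a certificate whose SAN omits LDAP_DOMAIN. Clients that follow RFC 6125 ignore the CN once a SAN is present, so hostname verification against LDAP_DOMAIN would then fail even though the subject still carries it. If the override is meant to add names, `readonly CERT_SAN="DNS:${LDAP_DOMAIN}${CERT_SAN:+,${CERT_SAN}}"` keeps the domain in every certificate; if a full override is intended, a comment above the line should say so. LDAP_DOMAIN is presumably defined above this hunk, which is not visible here.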
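Review bot: `${CERT_SAN}` reaches `-addext` exactly as supplied by the build argument, and OpenSSL parses that string as extension configuration, so a typo or an unexpected entry type changes what the certificate asserts without any error from this script. A format check at the top of make_snakeoil_certificate, before the openssl call, would fail the build on a malformed value; the sketch below accepts only DNS: and IP: entries and would need widening if other name types are wanted. `-addext` also requires OpenSSL 1.1.1 or later, which is worth confirming against the base image since it is not visible here. The openssl command continues past the end of the hunk.

```shell
make_snakeoil_certificate() {
    # Accept only a comma-separated list of DNS:/IP: entries before the
    # value is spliced into the extension string passed to openssl.
    local san_re='^(DNS|IP):[A-Za-z0-9.:*-]+(,[[:space:]]*(DNS|IP):[A-Za-z0-9.:*-]+)*$'
    if [[ ! "${CERT_SAN}" =~ ${san_re} ]]; then
        echo "Invalid CERT_SAN: ${CERT_SAN}" >&2
        exit 1
    fi
    # … unchanged: echo and openssl req invocation …
```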