diff --git a/libmproxy/resources/cert.cnf b/libmproxy/resources/cert.cnf
index 4f2525a98..4d95f646b 100644
--- a/libmproxy/resources/cert.cnf
+++ b/libmproxy/resources/cert.cnf
@@ -27,6 +27,7 @@ nsCertType = server
 basicConstraints = CA:false
 keyUsage = nonRepudiation, digitalSignature, keyEncipherment
 nsCertType = server
+%(altnames)s
 
 [ alt_names ]
 %(sans)s
diff --git a/libmproxy/utils.py b/libmproxy/utils.py
index 57a9e983d..474f78441 100644
--- a/libmproxy/utils.py
+++ b/libmproxy/utils.py
@@ -300,7 +300,15 @@ def dummy_cert(certdir, ca, commonname, sans):
     ss = "\n".join(ss)
 
     f = open(confpath, "w")
-    f.write(template%(dict(commonname=commonname, sans=ss)))
+    f.write(
+        template%(
+            dict(
+                commonname=commonname,
+                sans=ss,
+                altnames="subjectAltName = @alt_names" if ss else ""
+            )
+        )
+    )
     f.close()
 
     if ca: