diff --git a/lib/tls.js b/lib/tls.js
index 36109469fd5..faacb09d500 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -156,14 +156,13 @@ function checkServerIdentity(host, cert) {
     dnsNames = dnsNames.concat(uriNames);
 
     // And only after check if hostname matches CN
-    // (because CN is deprecated, but should be used for compatiblity anyway)
     var commonNames = cert.subject.CN;
     if (Array.isArray(commonNames)) {
       for (var i = 0, k = commonNames.length; i < k; ++i) {
-        dnsNames.push(regexpify(commonNames[i], false));
+        dnsNames.push(regexpify(commonNames[i], true));
       }
     } else {
-      dnsNames.push(regexpify(commonNames, false));
+      dnsNames.push(regexpify(commonNames, true));
     }
 
     valid = dnsNames.some(function(re) {