diff --git a/lib/isc/tls.c b/lib/isc/tls.c
index 9f1aa63969..ff42be2428 100644
--- a/lib/isc/tls.c
+++ b/lib/isc/tls.c
@@ -227,7 +227,7 @@ isc_tlsctx_createserver(const char *keyfile, const char *certfile,
 
 		X509_set_pubkey(cert, pkey);
 
-		X509_NAME *name = X509_get_subject_name(cert);
+		X509_NAME *name = X509_NAME_dup(X509_get_subject_name(cert));
 
 		X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC,
 					   (const unsigned char *)"AQ", -1, -1,
@@ -242,6 +242,9 @@ isc_tlsctx_createserver(const char *keyfile, const char *certfile,
 					   -1, -1, 0);
 
 		X509_set_issuer_name(cert, name);
+
+		X509_NAME_free(name);
+
 		X509_sign(cert, pkey, isc__crypto_md[ISC_MD_SHA256]);
 		rv = SSL_CTX_use_certificate(ctx, cert);
 		if (rv != 1) {