diff --git a/carapace-server/src/main/java/org/carapaceproxy/server/config/SSLCertificateConfiguration.java b/carapace-server/src/main/java/org/carapaceproxy/server/config/SSLCertificateConfiguration.java
index 874072270..6f963c0ab 100644
--- a/carapace-server/src/main/java/org/carapaceproxy/server/config/SSLCertificateConfiguration.java
+++ b/carapace-server/src/main/java/org/carapaceproxy/server/config/SSLCertificateConfiguration.java
@@ -93,10 +93,13 @@ public boolean isMoreSpecific(SSLCertificateConfiguration other) {
 if (subjectAltNames == null || subjectAltNames.isEmpty()) {
 return hostname.length() > other.getHostname().length();
 }
- final var otherNames = other.getNames().stream().map(CertificatesUtils::removeWildcard);
- for (var n: getNames()) {
+
+ final var otherNamesList = other.getNames().stream().map(CertificatesUtils::removeWildcard)
+ .collect(Collectors.toList());
+
+ for (var n : getNames()) {
 final var name = CertificatesUtils.removeWildcard(n);
- if (otherNames.anyMatch(on -> name.length() > on.length())) {
+ if (otherNamesList.stream().anyMatch(on -> name.length() > on.length())) {
 return true;
 }
 }
diff --git a/carapace-server/src/test/java/org/carapaceproxy/listeners/SSLSNITest.java b/carapace-server/src/test/java/org/carapaceproxy/listeners/SSLSNITest.java
index f3207ce71..97db6c779 100644
--- a/carapace-server/src/test/java/org/carapaceproxy/listeners/SSLSNITest.java
+++ b/carapace-server/src/test/java/org/carapaceproxy/listeners/SSLSNITest.java
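Review bot: The `anyMatch` inside the loop makes `isMoreSpecific` return true as soon as any name of this certificate is longer than the shortest name of `other`, so two certificates with mixed-length names can each report being more specific than the other, and the outcome then depends on which one is asked first. Since this ranking presumably feeds SNI certificate selection, I would make the rule explicit by computing the bound once, `final int shortestOther = other.getNames().stream().map(CertificatesUtils::removeWildcard).mapToInt(String::length).min().orElse(Integer.MAX_VALUE);`, and testing `if (name.length() > shortestOther) return true;` in the loop, which is equivalent to the new code. A comment above the loop should also state whether names that do not match the requested host are meant to count towards specificity. The method starts and ends outside the hunk, so the fall-through return is not visible here.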
@@ -96,10 +96,16 @@ public void testChooseCertificate() throws Exception { server.addCertificate(new SSLCertificateConfiguration("other", null, "cert", "pwd", STATIC)); server.addCertificate(new SSLCertificateConfiguration("*.example.com", Set.of("example.com", "*.example2.com"), "cert", "pwd", STATIC)); server.addCertificate(new SSLCertificateConfiguration("www.example.com", null, "cert", "pwd", STATIC)); + server.addCertificate(new SSLCertificateConfiguration("*.qapatchweb.peachtest.it", Set.of("qapatchweb.peachtest.it"), "cert", "pwd", STATIC)); + server.addCertificate(new SSLCertificateConfiguration("*.qapatch2web.peachtest.it", Set.of("qapatch2web.peachtest.it"), "cert", "pwd", STATIC)); + server.addCertificate(new SSLCertificateConfiguration("*.peachtest.it", Set.of("gemini.peachtest.it"), "cert", "pwd", STATIC)); + // client requests bad SNI, bad default in listener assertNull(server.getListeners().chooseCertificate("no", "no-default")); + assertEquals("*.qapatchweb.peachtest.it", server.getListeners().chooseCertificate("test.qapatchweb.peachtest.it", "no-default").getId()); + // client requests SNI, bad default in listener assertEquals("other", server.getListeners().chooseCertificate("other", "no-default").getId()); @@ -142,6 +148,7 @@ public void testChooseCertificate() throws Exception { assertEquals("*", server.getListeners().chooseCertificate("", null).getId()); assertEquals("*", server.getListeners().chooseCertificate(null, "").getId()); } + } @Test
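Review bot: The added certificates `*.qapatch2web.peachtest.it` and `*.peachtest.it` are registered but never asserted on; only `test.qapatchweb.peachtest.it` is checked, so the test would not notice if selection among the overlapping `peachtest.it` wildcards picked the wrong one for the other hosts. I would add `assertEquals("*.qapatch2web.peachtest.it", server.getListeners().chooseCertificate("test.qapatch2web.peachtest.it", "no-default").getId());` plus an assertion for `gemini.peachtest.it`, which, if I read the matching rules right, should resolve to `*.peachtest.it`. The new assertion also sits directly under the "bad SNI" group, so a short comment such as `// wildcard SNI: the most specific matching certificate wins` would say what it guards. The test method starts and ends outside the hunk.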