diff --git a/backend/src/net/ssl.rs b/backend/src/net/ssl.rs
index 7120cb07f..0d959dc88 100644
--- a/backend/src/net/ssl.rs
+++ b/backend/src/net/ssl.rs
@@ -164,7 +164,8 @@ impl SslManager {
         let (root_key, root_cert) = match store.load_root_certificate().await? {
             None => {
                 let root_key = generate_key()?;
-                let root_cert = make_root_cert(&root_key)?;
+                let server_id = crate::hostname::get_id().await?;
+                let root_cert = make_root_cert(&root_key, &server_id)?;
                 store.save_root_certificate(&root_key, &root_cert).await?;
                 Ok::<_, Error>((root_key, root_cert))
             }
@@ -307,7 +308,7 @@ fn generate_key() -> Result<PKey<Private>, Error> {
     Ok(key)
 }
 #[instrument]
-fn make_root_cert(root_key: &PKey<Private>) -> Result<X509, Error> {
+fn make_root_cert(root_key: &PKey<Private>, server_id: &str) -> Result<X509, Error> {
     let mut builder = X509Builder::new()?;
     builder.set_version(CERTIFICATE_VERSION)?;
 
@@ -320,7 +321,8 @@ fn make_root_cert(root_key: &PKey<Private>) -> Result<X509, Error> {
     builder.set_serial_number(&*rand_serial()?)?;
 
     let mut subject_name_builder = X509NameBuilder::new()?;
-    subject_name_builder.append_entry_by_text("CN", "Embassy Local Root CA")?;
+    subject_name_builder
+        .append_entry_by_text("CN", &format!("Embassy Local Root CA ({})", server_id))?;
     subject_name_builder.append_entry_by_text("O", "Start9")?;
     subject_name_builder.append_entry_by_text("OU", "Embassy")?;
     let subject_name = subject_name_builder.build();