diff --git a/charms_openstack/charm/classes.py b/charms_openstack/charm/classes.py
index 95176ff..0e786d7 100644
--- a/charms_openstack/charm/classes.py
+++ b/charms_openstack/charm/classes.py
@@ -509,6 +509,13 @@ class HAOpenStackCharm(OpenStackAPICharm):
         if restart:
             ch_host.service_restart('apache2')
 
+    def get_default_cn(self):
+        """Return the default Canonical Name to be used for SSL setup
+
+        @returns 'canonical_name'
+        """
+        return os_ip.resolve_address(endpoint_type=os_ip.INTERNAL)
+
     def configure_cert(self, cert, key, cn=None):
         """Configure service SSL cert and key
 
@@ -525,7 +532,8 @@ class HAOpenStackCharm(OpenStackAPICharm):
             ssl_dir = os.path.join('/etc/apache2/ssl/', self.name)
 
         if not cn:
-            cn = os_ip.resolve_address(endpoint_type=os_ip.INTERNAL)
+            cn = self.get_default_cn()
+
         ch_host.mkdir(path=ssl_dir)
         if cn:
             cert_filename = 'cert_{}'.format(cn)
@@ -576,7 +584,7 @@ class HAOpenStackCharm(OpenStackAPICharm):
                 'cert': self.config_defined_ssl_cert.decode('utf-8'),
                 'ca': (self.config_defined_ssl_ca.decode('utf-8')
                        if self.config_defined_ssl_ca else None),
-                'cn': None}]
+                'cn': self.get_default_cn()}]
         elif keystone_interface:
             keys_and_certs = []
             for addr in self.get_local_addresses():
diff --git a/unit_tests/charms_openstack/charm/test_classes.py b/unit_tests/charms_openstack/charm/test_classes.py
index 19a301d..611fbd5 100644
--- a/unit_tests/charms_openstack/charm/test_classes.py
+++ b/unit_tests/charms_openstack/charm/test_classes.py
@@ -672,22 +672,24 @@ class TestHAOpenStackCharm(BaseOpenStackCharmTest):
             'ssl_cert': base64.b64encode(b'cert'),
             'ssl_ca': base64.b64encode(b'ca')}
         self.patch_target('config', new=config)
+        self.patch_object(chm.os_ip, 'resolve_address', 'addr')
         self.patch_object(chm.os_utils, 'snap_install_requested',
                           return_value=False)
         self.assertEqual(
             self.target.get_certs_and_keys(),
-            [{'key': 'key', 'cert': 'cert', 'ca': 'ca', 'cn': None}])
+            [{'key': 'key', 'cert': 'cert', 'ca': 'ca', 'cn': 'addr'}])
 
     def test_get_certs_and_keys_noca(self):
         config = {
             'ssl_key': base64.b64encode(b'key'),
             'ssl_cert': base64.b64encode(b'cert')}
         self.patch_target('config', new=config)
+        self.patch_object(chm.os_ip, 'resolve_address', 'addr')
         self.patch_object(chm.os_utils, 'snap_install_requested',
                           return_value=False)
         self.assertEqual(
             self.target.get_certs_and_keys(),
-            [{'key': 'key', 'cert': 'cert', 'ca': None, 'cn': None}])
+            [{'key': 'key', 'cert': 'cert', 'ca': None, 'cn': 'addr'}])
 
     def test_get_certs_and_keys_ks_interface(self):
         class KSInterface(object):