diff --git a/roles/rproxy/tasks/addconfig.yml b/roles/rproxy/tasks/addconfig.yml
index 086ca43..9539903 100644
--- a/roles/rproxy/tasks/addconfig.yml
+++ b/roles/rproxy/tasks/addconfig.yml
@@ -37,6 +37,12 @@
       become_user: "{{ ansible_user }}"
       ignore_errors: true
 
+    - name: "Allow {{ ansible_facts['hostname'] }}.{{ ansible_facts['domain'] }} to get certificates for HTTP/{{ rproxy_service_name }}.{{ ansible_facts['domain'] }} SPN "
+      ansible.builtin.shell:
+        cmd: "ipa service-add-host --hosts={{ ansible_facts['hostname'] }}.{{ ansible_facts['domain'] }} HTTP/{{ rproxy_service_name }}.{{ ansible_facts['domain'] }}"
+      become: false
+      become_user: "{{ ansible_user }}"
+
     - name: Request certificate via ipa-getcert
       ansible.builtin.command: >
         ipa-getcert request