diff --git a/lemur/certificates/service.py b/lemur/certificates/service.py
index 450b82e4..b955abeb 100644
--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@@ -132,12 +132,18 @@ def update(cert_id, owner, description, notify, destinations, notifications, rep
 def create_certificate_roles(**kwargs):
     # create an role for the owner and assign it
     owner_role = role_service.get_by_name(kwargs['owner'])
+
     if not owner_role:
         owner_role = role_service.create(
             kwargs['owner'],
             description="Auto generated role based on owner: {0}".format(kwargs['owner'])
         )
 
+    # ensure that the authority's owner is also associated with the certificate
+    if kwargs.get('authority'):
+        authority_owner_role = role_service.get_by_name(kwargs['authority'].owner)
+        return [owner_role, authority_owner_role]
+
     return [owner_role]
 
 
diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index 67e99a65..6b2f373e 100644
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -459,6 +459,11 @@ def test_certificate_put(client, token, status):
     assert client.put(api.url_for(Certificates, certificate_id=1), data={}, headers=token).status_code == status
 
 
+def test_certificate_put_with_data(client, certificate, issuer_plugin):
+    resp = client.put(api.url_for(Certificates, certificate_id=certificate.id), data=json.dumps({'owner': 'bob@example.com', 'description': 'test', 'notify': True}), headers=VALID_ADMIN_HEADER_TOKEN)
+    assert resp.status_code == 200
+
+
 @pytest.mark.parametrize("token,status", [
     (VALID_USER_HEADER_TOKEN, 405),
     (VALID_ADMIN_HEADER_TOKEN, 405),