diff --git a/lemur/certificates/models.py b/lemur/certificates/models.py
index 9646d856..fcf89243 100644
--- a/lemur/certificates/models.py
+++ b/lemur/certificates/models.py
@@ -62,7 +62,6 @@ def get_sequence(name):
 
 
 def get_or_increase_name(name):
-    name = '-'.join(name.strip().split(' '))
     certificates = Certificate.query.filter(Certificate.name.ilike('{0}%'.format(name))).all()
 
     if not certificates:
@@ -138,7 +137,7 @@ class Certificate(db.Model):
 
         # when destinations are appended they require a valid name.
         if kwargs.get('name'):
-            self.name = get_or_increase_name(kwargs['name'])
+            self.name = get_or_increase_name(defaults.text_to_slug(kwargs['name']))
         else:
             self.name = get_or_increase_name(
                 defaults.certificate_name(self.cn, self.issuer, self.not_before, self.not_after, self.san))
diff --git a/lemur/common/defaults.py b/lemur/common/defaults.py
index bdee6563..d933cb9b 100644
--- a/lemur/common/defaults.py
+++ b/lemur/common/defaults.py
@@ -1,8 +1,25 @@
+import re
+import unicodedata
+
 from cryptography import x509
 from flask import current_app
 from lemur.constants import SAN_NAMING_TEMPLATE, DEFAULT_NAMING_TEMPLATE
 
 
+def text_to_slug(value):
+    """Normalize a string to a "slug" value, stripping character accents and removing non-alphanum characters."""
+
+    # Strip all character accents (ä => a): decompose Unicode characters and then drop combining chars.
+    value = ''.join(c for c in unicodedata.normalize('NFKD', value) if not unicodedata.combining(c))
+
+    # Replace all remaining non-alphanumeric characters with '-'. Multiple characters get collapsed into a single dash.
+    # Except, keep 'xn--' used in IDNA domain names as is.
+    value = re.sub(r'[^A-Za-z0-9.]+(?<!xn--)', '-', value)
+
+    # '-' in the beginning or end of string looks ugly.
+    return value.strip('-')
+
+
 def certificate_name(common_name, issuer, not_before, not_after, san):
     """
     Create a name for our certificate. A naming standard
@@ -25,21 +42,13 @@ def certificate_name(common_name, issuer, not_before, not_after, san):
 
     temp = t.format(
         subject=common_name,
-        issuer=issuer,
+        issuer=issuer.replace(' ', ''),
         not_before=not_before.strftime('%Y%m%d'),
         not_after=not_after.strftime('%Y%m%d')
     )
 
-    disallowed_chars = ''.join(c for c in map(chr, range(256)) if not c.isalnum())
-    disallowed_chars = disallowed_chars.replace("-", "")
-    disallowed_chars = disallowed_chars.replace(".", "")
     temp = temp.replace('*', "WILDCARD")
-
-    for c in disallowed_chars:
-        temp = temp.replace(c, "")
-
-    # white space is silly too
-    return temp.replace(" ", "-")
+    return text_to_slug(temp)
 
 
 def signing_algorithm(cert):
diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index fed2b5e6..1359266e 100644
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -22,7 +22,6 @@ from lemur.tests.vectors import VALID_ADMIN_HEADER_TOKEN, VALID_USER_HEADER_TOKE
 def test_get_or_increase_name(session, certificate):
     from lemur.certificates.models import get_or_increase_name
 
-    assert get_or_increase_name('test name') == 'test-name'
     assert get_or_increase_name(certificate.name) == '{0}-1'.format(certificate.name)
 
     certificate.name = 'test-cert-11111111'
diff --git a/lemur/tests/test_defaults.py b/lemur/tests/test_defaults.py
index 61e103a6..a72689cc 100644
--- a/lemur/tests/test_defaults.py
+++ b/lemur/tests/test_defaults.py
@@ -42,6 +42,19 @@ def test_cert_issuer(client):
     assert issuer(INTERNAL_VALID_LONG_CERT) == 'Example'
 
 
+def test_text_to_slug(client):
+    from lemur.common.defaults import text_to_slug
+    assert text_to_slug('test - string') == 'test-string'
+    # Accented characters are decomposed
+    assert text_to_slug('föö bär') == 'foo-bar'
+    # Melt away the Unicode Snowman
+    assert text_to_slug('\u2603') == ''
+    assert text_to_slug('\u2603test\u2603') == 'test'
+    assert text_to_slug('snow\u2603man') == 'snow-man'
+    # IDNA-encoded domain names should be kept as-is
+    assert text_to_slug('xn--i1b6eqas.xn--xmpl-loa9b3671b.com') == 'xn--i1b6eqas.xn--xmpl-loa9b3671b.com'
+
+
 def test_create_name(client):
     from lemur.common.defaults import certificate_name
     from datetime import datetime
@@ -59,3 +72,10 @@ def test_create_name(client):
         datetime(2015, 5, 12, 0, 0, 0),
         True
     ) == 'SAN-example.com-ExampleInc-20150507-20150512'
+    assert certificate_name(
+        'xn--mnchen-3ya.de',
+        'Vertrauenswürdig Autorität',
+        datetime(2015, 5, 7, 0, 0, 0),
+        datetime(2015, 5, 12, 0, 0, 0),
+        False
+    ) == 'xn--mnchen-3ya.de-VertrauenswurdigAutoritat-20150507-20150512'