diff --git a/phpseclib/File/X509.php b/phpseclib/File/X509.php
index 1018b8ea..65d5069b 100644
--- a/phpseclib/File/X509.php
+++ b/phpseclib/File/X509.php
@@ -2100,7 +2100,8 @@ class File_X509
 if ($names = $this->getExtension('id-ce-subjectAltName')) {
 foreach ($names as $name) {
 foreach ($name as $key => $value) {
- $value = str_replace(array('.', '*'), array('\.', '[^.]*'), $value);
+ $value = preg_quote($value);
+ $value = str_replace('\*', '[^.]*', $value);
 switch ($key) {
 case 'dNSName':
 /* From RFC2818 "HTTP over TLS":
diff --git a/tests/Unit/File/X509/X509Test.php b/tests/Unit/File/X509/X509Test.php
index 9e133dc6..4abdcd50 100644
--- a/tests/Unit/File/X509/X509Test.php
+++ b/tests/Unit/File/X509/X509Test.php
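Review bot: `preg_quote($value)` is called without its delimiter argument, so the certificate-supplied subjectAltName is only safe to embed in a pattern whose delimiter is already in preg_quote's default escape set; `#`, for example, has only been escaped by default since PHP 7.3. The preg_match that consumes `$value` lies outside this hunk, so the delimiter should be confirmed there and passed explicitly, e.g. `$value = preg_quote($value, '#');` if the pattern is `#`-delimited. A one-line comment above the two new lines, such as `// SAN values come from the certificate: quote every regex metacharacter, then re-enable only '*' as a single-label wildcard`, would record why the order of the two calls matters.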
@@ -896,4 +896,107 @@ BbNA6tFZAwLoX18R6yEmzHAQ+R2Eliiaz7mgQ+M2d0ec6qQJFoO7aJsX
 $this->assertIsArray($r);
 }
+
+ public function testWildcardCert()
+ {
+ $cert = '-----BEGIN CERTIFICATE-----
+MIIKqDCCCZCgAwIBAgIQAZ3dCTUFVNcaZ4TM/m6DFTANBgkqhkiG9w0BAQsFADBY
+MQswCQYDVQQGEwJCRTEZMBcGA1UEChMQR2xvYmFsU2lnbiBudi1zYTEuMCwGA1UE
+AxMlR2xvYmFsU2lnbiBBdGxhcyBSMyBEViBUTFMgQ0EgMjAyMyBRMzAeFw0yMzA5
+MTIxOTM4MDVaFw0yNDEwMTMxOTM4MDRaMBIxEDAOBgNVBAMMB2Nubi5jb20wggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDsZniL9RpV7hDYPJvS4TGa39w5
+BLHGsPhi4lV4HVtyIme0/NMMmszIeNoY+aaDSM2dn0gw29GIq1prZSAQK8BgDU6a
+otU5mWG8J+xABnn75DQ1BHjXZFl4EfjL4mIhMaVY34O+0wG06owvFDUgxRzYnwlb
+y6WEJfTRyv70MF6EIq0zZxW2cMgfyuq8ZEtgYddSr4I/2/xVxACBUDFYNqYbr9AR
+qmJKvzglrSYULaBJ84oY3RnBnDCVUkMW3qYT1mIDop+Jz4wLyMyvHq0QA0wY/BhI
+ByhJTkdQy7xH2N8O2MohQmaVo6x6w01cqsZyIHND1JSL3lAJiMtU8aMl3+edAgMB
+AAGjggeyMIIHrjCCBGcGA1UdEQSCBF4wggRaggdjbm4uY29tgg0qLmFwaS5jbm4u
+Y29tggwqLmFwaS5jbm4uaW+CHSouYXBpLmVsZWN0aW9udHJhY2tlci5jbm4uY29t
+ghYqLmFwaS5wbGF0Zm9ybS5jbm4uY29tghAqLmFyYWJpYy5jbm4uY29tghQqLmFy
+dGVtaXMudHVybmVyLmNvbYIPKi5ibG9ncy5jbm4uY29tghgqLmNsaWVudC5hcHBs
+ZXR2LmNubi5jb22CCSouY25uLmNvbYIIKi5jbm4uaW+CDyouY25uYXJhYmljLmNv
+bYIOKi5jbm5tb25leS5jb22CESouY25ucG9saXRpY3MuY29tghYqLmNvbmZpZy5v
+dXR0dXJuZXIuY29tghEqLmRhdGEuYXBpLmNubi5pb4IRKi5lZGl0aW9uLmNubi5j
+b22CFyouZWRpdGlvbi5pLmNkbi5jbm4uY29tghwqLmVkaXRpb24uc3RhZ2UubmV4
+dC5jbm4uY29tgh0qLmVkaXRpb24uc3RhZ2UyLm5leHQuY25uLmNvbYIdKi5lZGl0
+aW9uLnN0YWdlMy5uZXh0LmNubi5jb22CEyouZWxlY3Rpb25zLmNubi5jb22CGSou
+ZWxlY3Rpb250cmFja2VyLmNubi5jb22CDCouZ28uY25uLmNvbYIPKi5pLmNkbi5j
+bm4uY29tghYqLm1hcmtldHMubW9uZXkuY25uLmlvgg8qLm1vbmV5LmNubi5jb22C
+DioubmV4dC5jbm4uY29tghYqLm9kbS5wbGF0Zm9ybS5jbm4uY29tgg8qLm91dHR1
+cm5lci5jb22CEioucGxhdGZvcm0uY25uLmNvbYIfKi5zZWN0aW9uLWNvbnRlbnQu
+bW9uZXkuY25uLmNvbYIUKi5zdGFnZS5uZXh0LmNubi5jb22CFSouc3RhZ2UyLm5l
+eHQuY25uLmNvbYIVKi5zdGFnZTMubmV4dC5jbm4uY29tghEqLnN0ZWxsYXIuY25u
+LmNvbYIUKi50ZXJyYS5uZXh0LmNubi5jb22CECoudHJhdmVsLmNubi5jb22CEyou
+d3d3LmkuY2RuLmNubi5jb22CD2FwaS5ldHAuY25uLmNvbYIWY2xpZW50LmFwcGxl
+dHYuY25uLmNvbYINY25uYXJhYmljLmNvbYIMY25ubW9uZXkuY29tgg9jbm5wb2xp
+dGljcy5jb22CDWRjZmFuZG9tZS5jb22CHGdyYXBocWwudmVydGljYWxzLmFwaS5j
+bm4uaW+CFGkuY2RuLnRyYXZlbC5jbm4uY29tghlwcmV2aWV3LmRldi5tb25leS5j
+bm4uY29tghhwcmV2aWV3LnFhLm1vbmV5LmNubi5jb22CGXByZXZpZXcucmVmLm1v
+bmV5LmNubi5jb22CG3ByZXZpZXcudHJhaW4ubW9uZXkuY25uLmNvbYIacHJldmll
+dzIucmVmLm1vbmV5LmNubi5jb22CD3VuZGVyc2NvcmVkLmNvbTAOBgNVHQ8BAf8E
+BAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT9
+Fy8eFhWRk9UjmQVNdVD8lZEhFTBXBgNVHSAEUDBOMAgGBmeBDAECATBCBgorBgEE
+AaAyCgEDMDQwMgYIKwYBBQUHAgEWJmh0dHBzOi8vd3d3Lmdsb2JhbHNpZ24uY29t
+L3JlcG9zaXRvcnkvMAwGA1UdEwEB/wQCMAAwgZ4GCCsGAQUFBwEBBIGRMIGOMEAG
+CCsGAQUFBzABhjRodHRwOi8vb2NzcC5nbG9iYWxzaWduLmNvbS9jYS9nc2F0bGFz
+cjNkdnRsc2NhMjAyM3EzMEoGCCsGAQUFBzAChj5odHRwOi8vc2VjdXJlLmdsb2Jh
+bHNpZ24uY29tL2NhY2VydC9nc2F0bGFzcjNkdnRsc2NhMjAyM3EzLmNydDAfBgNV
+HSMEGDAWgBTtoOYBBT40ghqkT1/FvRFBqt/zYTBIBgNVHR8EQTA/MD2gO6A5hjdo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24uY29tL2NhL2dzYXRsYXNyM2R2dGxzY2EyMDIz
+cTMuY3JsMIIBfgYKKwYBBAHWeQIEAgSCAW4EggFqAWgAdQDuzdBk1dsazsVct520
+zROiModGfLzs3sNRSFlGcR+1mwAAAYqK5qvdAAAEAwBGMEQCIE08u4H1qqO/W1OP
+YxuxGftmdYvpngZDDBIKPJtwCB1qAiBjpQIgGnsX7H5wVWzxZtpff+gB6a9V+VGx
+YY6hTg5eSAB2AD8XS0/XIkdYlB1lHIS+DRLtkDd/H4Vq68G/KIXs+GRuAAABiorm
+rCoAAAQDAEcwRQIhAKgfE42oSB7890qz2OJXfydLzubHcsHtPNbO43Z3IsczAiBX
+bvuajpVoxMlYmMHhiVS4/qF9Wd1nACXQBy3KaTen8AB3AHb/iD8KtvuVUcJhzPWH
+ujS0pM27KdxoQgqf5mdMWjp0AAABiormrGkAAAQDAEgwRgIhAOCBs1ExXErb1s3+
+mI53aclpYutFJSWHmbnxbw5lULlEAiEAsrJQzWT2E4w5xcoeC0Zt+nMubTJG2BG7
+2KKQnHPiNlswDQYJKoZIhvcNAQELBQADggEBAGMUNah4Pw60DYWQbtlH0jFYdvNM
+s+Vsh27OQEYbhE2itGWs0JvvQUDst7Y+jMHPre5NZtdmr1RnmQFoVofTvwxQxtJ4
+VOqJfh2X1LTv4VrZI9m6lBLN729CDO/TKeVP9hiflVqe7faAXT8KBEFwPWE5If+z
+VqSx3vPmDx+RM7OXYrVzhEmhVVjRq7yANUF+oxW64zK4zsNzYGUAyp1gmInaXKN5
+XSRklj10ZrVHcd0XLuAME/9+54Bm7TvRfI46hfCfu6FbQPIX3gg+5j+MZJSdIuQJ
+dzXhMVAQYlpu27381/Ts2SuDx6v/cZ8lV8D5o/xTtCpWAnLxM2bxSyVnYbk=
+-----END CERTIFICATE-----';
+
+ $x509 = new File_X509();
+ $cert = $x509->loadX509($cert);
+
+ $this->assertTrue($x509->validateURL('https://asdf.cnn.com/'));
+ $this->assertFalse($x509->validateURL('https://asdf.cnn2.com/'));
+ }
+
+ /**
+ * @group github1943
+ */
+ public function testWeirdCharsCert()
+ {
+ $cert = '-----BEGIN CERTIFICATE-----
+MIIDtTCCAp2gAwIBAgICECEwDQYJKoZIhvcNAQELBQAwYzELMAkGA1UEBhMCVVMx
+ITAfBgNVBAoTGFRoZSBHbyBEYWRkeSBHcm91cCwgSW5jLjExMC8GA1UECxMoR28g
+RGFkZHkgQ2xhc3MgMiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0xNjAyMDcx
+NzI0MDBaFw0yNDAxMDYwNjQ0NThaMHkxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJD
+QTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEUMBIGA1UEChMLR29vZ2xlIEluYy4x
+GDAWBgNVBAsTD0dvb2dsZSBSZXNlYXJjaDEVMBMGA1UEAxQMKi5nb29nbGUuY29t
+MIIBIDANBgkqhkiG9w0BAQEFAAOCAQ0AMIIBCAKCAQEAxUWTaM/RKjoA8urhPYXr
+Nh2Oz9HA88XkFIxhD3pm80wBlTTTnymSJJVWKpEJO7OyengVFRIv7U19VAFd8VCh
+TCiFl7a4hsiWWQi3zh/NYgj0BnweNriblknBKTze6te1DP8otZ22qBUmhCR27aER
+MWE9urWLwMIuJN/hxK234MljS9lBB3fv52RrZzSftga/P5zK34ZOlbnGcLbtoKR3
+p0uWakBZM8u/665hQ4u4+YkA2kJy5YSF6wXpYKl29/mj1w9ODJTUFj3KmliiGXeo
+2IhYLu4Pq52D7OKjDvKZRKK6tOM8Pii1c310ljlCewCuF/Oy/ygbNmaJG7J8/jTA
+pwIBA6NfMF0wDAYDVR0TAQH/BAIwADANBgNVHREEBjAEggJhKzAdBgNVHQ4EFgQU
+Zd/yRfldVXIxnAKzGaO6vZrb2XswHwYDVR0jBBgwFoAU4J1tAjJyIZ/+BvOatp4W
+N1Fo5MMwDQYJKoZIhvcNAQELBQADggEBAAcwSIxKQegRqCs7adDb3VbqP1Ld0dA6
+FydwendbN1P4NaqqdM89NhpOVZ5g60eM4sc08m5oZIMWqjwp3Gyf2pqM2FMQ02zi
+1lMRb+t9rtjtZXCdcTjuwySYXw7M7NM0Lxhv7yN9+Vben1RTBWFghk8y4t6sai5L
+68hFu+fkQzKIpHE/9cdBS+rtqyCrNit3kvqVhVpGECTS2flTBHnCe7mINojSTOsB
+JYhGgW6KsKViE0hzQB8dSAcNcfwQPSKzOd02crXdJ7uYvZZK9prN83Oe1iDaizeA
+1ntA2AzsC0OGg/ekAnAlxia3mzcJv0PgxRpSG7xjWSL+FVFTTs2I/wk=
+-----END CERTIFICATE-----';
+
+ $x509 = new File_X509();
+ $cert = $x509->loadX509($cert);
+
+ $this->assertFalse($x509->validateURL('https://aa'));
+ }
 }
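Review bot: Both new tests discard the result of `loadX509()`, so the `assertFalse` checks in testWildcardCert and testWeirdCharsCert would presumably also pass if the fixture failed to parse rather than because the name was rejected. Adding `$this->assertIsArray($cert);` after each `loadX509($cert)` call, as the preceding test does with `$r`, pins the negative assertions to the matching logic. testWeirdCharsCert would also benefit from a short comment stating which subjectAltName the fixture carries and why `https://aa` must not match it, since that is not readable from the base64.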