diff --git a/README.md b/README.md index d804b87..8b4fe0c 100644 --- a/README.md +++ b/README.md @@ -443,6 +443,14 @@ The following variables will be tempalted in any strings passed to the options o * `~/` replaced with `os.homedir()` i.e. `/Users/aj` * `:hostname` replaced with the first domain in the list i.e. `example.com` +### Dangerous Options + +By default SNI is made to lowercase and is automatically rejected if it contains invalid characters for a domain. +This behavior can be modified: + + * `__dns_allow_dangerous_names` allow SNI names like "Robert'); DROP TABLE Students;" + * `__dns_preserve_case` passes SNI names such as "ExAMpLE.coM" without converting to lower case + Developer API ------------- diff --git a/index.js b/index.js index 5ddc440..7da7291 100644 --- a/index.js +++ b/index.js @@ -432,20 +432,21 @@ Greenlock.create = function (gl) { if (gl.sni.create) { gl.sni = gl.sni.create(gl); } - gl.tlsOptions.SNICallback = function (domain, cb) { + gl.tlsOptions.SNICallback = function (_domain, cb) { // format and (lightly) sanitize sni so that users can be naive // and not have to worry about SQL injection or fs discovery - domain = (domain||'').toLowerCase(); + var domain = (_domain||'').toLowerCase(); // hostname labels allow a-z, 0-9, -, and are separated by dots // _ is sometimes allowed - if (!/^[a-z0-9_\.\-]+$/i.test(domain) || -1 !== domain.indexOf('..')) { + // REGEX // https://www.codeproject.com/Questions/1063023/alphanumeric-validation-javascript-without-regex + if (!gl.__sni_allow_dangerous_names && (!/^[a-z0-9_\.\-]+$/i.test(domain) || -1 !== domain.indexOf('..'))) { log(gl.debug, "invalid sni '" + domain + "'"); cb(new Error("invalid SNI")); return; } try { - gl.sni.sniCallback(domain, cb); + gl.sni.sniCallback(gl.__sni_preserve_case && _domain || domain, cb); } catch(e) { console.error("[ERROR] Something went wrong in the SNICallback:"); console.error(e); diff --git a/package.json b/package.json index c2b6a1a..dc557dc 100644 
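Review bot: The option names the new conditions read, `gl.__sni_allow_dangerous_names` and `gl.__sni_preserve_case`, do not match the names the README hunk in this same commit documents, `__dns_allow_dangerous_names` and `__dns_preserve_case`, so a user who follows the README gets no change in behaviour; either the two README bullets should say `__sni_…`, or the two conditions should become `!gl.__dns_allow_dangerous_names && (` and `gl.__dns_preserve_case && _domain || domain`. The added `// REGEX // https://…` comment says nothing about the line under it; a comment stating what the flag gives up would be more useful, e.g. `// __sni_allow_dangerous_names skips this check entirely; gl.sni.sniCallback must then validate the name itself`. When the check is skipped the unsanitized name reaches `gl.sni.sniCallback`, which is exactly the path the comment at the top of this callback says the check exists for (SQL injection, fs discovery), so the README entry should state that the consumer's sniCallback takes over that validation. The SNICallback body continues past the end of the hunk.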
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "greenlock",
- "version": "2.3.8",
+ "version": "2.3.9",
 "description": "Let's Encrypt for node.js on npm",
 "main": "index.js",
 "files": [