diff --git a/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb b/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb
index daef70e9fb..a2c3a04742 100644
--- a/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb
+++ b/lib/msf/core/exploit/remote/kerberos/service_authenticator/base.rb
@@ -1088,8 +1088,8 @@ class Msf::Exploit::Remote::Kerberos::ServiceAuthenticator::Base
       end
 
       unless !sname_hostname ||
-        sname_hostname.to_s.downcase == credential.server.components[1] ||
-        sname_hostname.to_s.downcase.ends_with?('.' + credential.server.components[1])
+          sname_hostname.to_s.downcase == credential.server.components[1].downcase ||
+          sname_hostname.to_s.downcase.ends_with?('.' + credential.server.components[1].downcase)
         wlog("Filtered credential #{file_path} ##{index} reason: SPN (#{sname_hostname}) hostname does not match (spn: #{credential.server.components.snapshot.join('/')})")
         next
       end