diff --git a/core/pkg/ingress/controller/backend_ssl.go b/core/pkg/ingress/controller/backend_ssl.go
index e75d8ff0ef..9774840810 100644
--- a/core/pkg/ingress/controller/backend_ssl.go
+++ b/core/pkg/ingress/controller/backend_ssl.go
@@ -76,11 +76,11 @@ func (ic *GenericController) syncSecret(k interface{}) error {
 			// no need to update
 			return nil
 		}
-		glog.V(3).Infof("updating secret %v/%v in the store", sec.Namespace, sec.Name)
+		glog.Infof("updating secret %v/%v in the local store", sec.Namespace, sec.Name)
 		ic.sslCertTracker.Update(key, cert)
 		return nil
 	}
-	glog.V(3).Infof("adding secret %v/%v to the store", sec.Namespace, sec.Name)
+	glog.Infof("adding secret %v/%v to the local store", sec.Namespace, sec.Name)
 	ic.sslCertTracker.Add(key, cert)
 	return nil
 }
@@ -106,10 +106,10 @@ func (ic *GenericController) getPemCertificate(secretName string) (*ingress.SSLC
 
 	var s *ingress.SSLCert
 	if okcert && okkey {
-		glog.V(3).Infof("found certificate and private key, configuring %v as a TLS Secret", secretName)
+		glog.Infof("found certificate and private key, configuring %v as a TLS Secret", secretName)
 		s, err = ssl.AddOrUpdateCertAndKey(nsSecName, cert, key, ca)
 	} else if ca != nil {
-		glog.V(3).Infof("found only ca.crt, configuring %v as an Certificate Authentication secret", secretName)
+		glog.Infof("found only ca.crt, configuring %v as an Certificate Authentication secret", secretName)
 		s, err = ssl.AddCertAuth(nsSecName, ca)
 	} else {
 		return nil, fmt.Errorf("ko keypair or CA cert could be found in %v", secretName)
diff --git a/core/pkg/ingress/controller/controller.go b/core/pkg/ingress/controller/controller.go
index 96c5800c5e..036e38d501 100644
--- a/core/pkg/ingress/controller/controller.go
+++ b/core/pkg/ingress/controller/controller.go
@@ -960,6 +960,12 @@ func (ic *GenericController) createServers(data []interface{},
 					}
 				}
 
+				if tlsSecretName == "" {
+					glog.Warningf("ingress rule %v/%v for host %v does not contains a matching tls host", ing.Namespace, ing.Name, host)
+					glog.V(2).Infof("%v", ing.Spec.TLS)
+					continue
+				}
+
 				key := fmt.Sprintf("%v/%v", ing.Namespace, tlsSecretName)
 				bc, exists := ic.sslCertTracker.Get(key)
 				if exists {
@@ -967,7 +973,11 @@ func (ic *GenericController) createServers(data []interface{},
 					if isHostValid(host, cert) {
 						servers[host].SSLCertificate = cert.PemFileName
 						servers[host].SSLPemChecksum = cert.PemSHA
+					} else {
+						glog.Warningf("ssl certificate %v does not contains a common name for host %v", key, host)
 					}
+				} else {
+					glog.Warningf("ssl certificate \"%v\" does not exist in local store", key)
 				}
 			}
 		}
diff --git a/core/pkg/ingress/controller/util.go b/core/pkg/ingress/controller/util.go
index 77b88ba0c0..7f7db932e0 100644
--- a/core/pkg/ingress/controller/util.go
+++ b/core/pkg/ingress/controller/util.go
@@ -46,7 +46,7 @@ func isHostValid(host string, cert *ingress.SSLCert) bool {
 		return false
 	}
 	for _, cn := range cert.CN {
-		if matchHostnames(cn, host) {
+		if matchHostnames(cn, strings.ToLower(host)) {
 			return true
 		}
 	}