diff --git a/src/main/java/org/jruby/ext/openssl/x509store/Certificate.java b/src/main/java/org/jruby/ext/openssl/x509store/Certificate.java
index 2bd58df5..d195cb9f 100644
--- a/src/main/java/org/jruby/ext/openssl/x509store/Certificate.java
+++ b/src/main/java/org/jruby/ext/openssl/x509store/Certificate.java
@@ -54,7 +54,9 @@ public boolean isName(final Name name) {
 public boolean matches(final X509Object other) {
 if (other instanceof Certificate) {
 final Certificate that = (Certificate) other;
- return X509AuxCertificate.equalSubjects(this.x509, that.x509);
+ if (X509AuxCertificate.equalSubjects(this.x509, that.x509)) {
+ return this.x509.hashCode() == that.x509.hashCode();
+ };
 }
 return false;
 }
diff --git a/src/main/java/org/jruby/ext/openssl/x509store/Store.java b/src/main/java/org/jruby/ext/openssl/x509store/Store.java
index 48d9cfab..9fb6b623 100644
--- a/src/main/java/org/jruby/ext/openssl/x509store/Store.java
+++ b/src/main/java/org/jruby/ext/openssl/x509store/Store.java
@@ -39,6 +39,7 @@ import java.util.List;
 import javax.net.ssl.X509TrustManager;
+import javax.security.auth.x500.X500Principal;
 import org.jruby.Ruby;
 import org.jruby.ext.openssl.OpenSSL;
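Review bot: In Certificate.matches the added identity test compares `hashCode()` values, which is a 32-bit digest and not an equality check, so two different certificates with the same subject can still be reported as matching. If the store's duplicate check goes through matches(), as the `return 0` path in addObject suggests, a colliding certificate would be silently left out of the trust store. Compare the certificates themselves, `return this.x509.equals(that.x509);`, assuming X509AuxCertificate's equals covers the encoded certificate (not visible here); otherwise compare the `getEncoded()` bytes. The `};` that closes the inner if leaves a stray empty statement and should be `}`.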
@@ -329,8 +330,25 @@ private synchronized int addObject(final X509Object xObject, final int prevLengt
 return 0;
 }
 }
- X509Object[] newObjects = Arrays.copyOf(objects, length + 1);
- newObjects[ length ] = xObject;
+ X509Object[] newObjects = new X509Object[length + 1];
+
+ int idx = length;
+ if (xObject instanceof Certificate) {
+ final X500Principal p1 = ((Certificate) xObject).x509.getIssuerX500Principal();
+ final Name n1 = new Name(p1);
+
+ for (idx = 0; idx < objects.length; idx++) {
+ X509Object xMember = objects[idx];
+ if (xMember instanceof Certificate) {
+ X500Principal p2 = ((Certificate) xMember).x509.getIssuerX500Principal();
+ if(n1.equalTo(p2)) break;
+ }
+ }
+ }
+
+ System.arraycopy(objects, 0, newObjects, 0, idx);
+ System.arraycopy(objects, idx, newObjects, idx + 1, length-idx);
+ newObjects[idx] = xObject;
 objects = newObjects;
 return 1;
 }
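Review bot: The insertion index in addObject is picked by comparing issuer names (`getIssuerX500Principal()` on both the new and the stored certificate) with no comment saying why, although the position decides which certificate a later lookup meets first. If the intent is to put a newly added certificate ahead of stored ones for the same subject, the calls should be `getSubjectX500Principal()`; either way state the rule, e.g. `// Order matters: a new certificate is placed ahead of stored ones with the same issuer.` The scan is bounded by `objects.length` while the array size and both copies use `length`, which is declared above the hunk and presumably holds the same value; write the condition as `idx < length` so a mismatch cannot yield a negative copy length. The one-line `if(n1.equalTo(p2)) break;` would read better braced, matching the rest of the block.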