diff --git a/examples/wifi/wifi_enterprise/main/Kconfig.projbuild b/examples/wifi/wifi_enterprise/main/Kconfig.projbuild
index ecee60be3e..aedbb0db0d 100644
--- a/examples/wifi/wifi_enterprise/main/Kconfig.projbuild
+++ b/examples/wifi/wifi_enterprise/main/Kconfig.projbuild
@@ -99,4 +99,16 @@ menu "Example Configuration"
         default n
         help
             Use default CA certificate bundle for WiFi enterprise connection
+
+    config EXAMPLE_USE_SERVER_DOMAIN_MATCH
+        bool "Validate server cert domain"
+        help
+            Validate the certificate domain
+
+    config EXAMPLE_SERVER_DOMAIN_MATCH_VALUE
+        string "Server cert domain"
+        depends on EXAMPLE_USE_SERVER_DOMAIN_MATCH
+        default "espressif.com"
+        help
+            Accept only server certificates matching this domain
 endmenu
diff --git a/examples/wifi/wifi_enterprise/main/wifi_enterprise_main.c b/examples/wifi/wifi_enterprise/main/wifi_enterprise_main.c
index aebd169395..710b0abac4 100644
--- a/examples/wifi/wifi_enterprise/main/wifi_enterprise_main.c
+++ b/examples/wifi/wifi_enterprise/main/wifi_enterprise_main.c
@@ -155,6 +155,9 @@ static void initialise_wifi(void)
 #endif
 #ifdef CONFIG_EXAMPLE_USE_DEFAULT_CERT_BUNDLE
     ESP_ERROR_CHECK(esp_eap_client_use_default_cert_bundle(true));
+#endif
+#ifdef CONFIG_EXAMPLE_USE_SERVER_DOMAIN_MATCH
+    ESP_ERROR_CHECK(esp_eap_client_set_domain_match(CONFIG_EXAMPLE_SERVER_DOMAIN_MATCH_VALUE));
 #endif
     ESP_ERROR_CHECK(esp_wifi_sta_enterprise_enable());
     ESP_ERROR_CHECK(esp_wifi_start());