diff --git a/README.md b/README.md
index 358eb13..a2c2b59 100644
--- a/README.md
+++ b/README.md
@@ -38,6 +38,10 @@ Whether the particular server will serve as a Kubernetes `master` (default) or `
 
 Extra args to pass to `kubelet` during startup. E.g. to allow `kubelet` to start up even if there is swap is enabled on your server, set this to: `"--fail-swap-on=false"`. Or to specify the node-ip advertised by `kubelet`, set this to `"--node-ip={{ ansible_host }}"`.
 
+    kubernetes_kubeadm_init_extra_opts: ""
+
+Extra args to pass to `kubeadm init` during K8s control plane initialization. E.g. to specify extra Subject Alternative Names for API server certificate, set this to: `"--apiserver-cert-extra-sans my-custom.host"`
+
     kubernetes_allow_pods_on_master: true
 
 Whether to remove the taint that denies pods from being deployed to the Kubernetes master. If you have a single-node cluster, this should definitely be `True`. Otherwise, set to `False` if you want a dedicated Kubernetes master which doesn't run any other pods.
diff --git a/defaults/main.yml b/defaults/main.yml
index a96d358..ecb740d 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -15,6 +15,7 @@ kubernetes_version_rhel_package: '1.11.3'
 kubernetes_role: master
 
 kubernetes_kubelet_extra_args: ""
+kubernetes_kubeadm_init_extra_opts: ""
 
 kubernetes_allow_pods_on_master: true
 kubernetes_enable_web_ui: true
diff --git a/tasks/master-setup.yml b/tasks/master-setup.yml
index 2294ffc..05146df 100644
--- a/tasks/master-setup.yml
+++ b/tasks/master-setup.yml
@@ -6,6 +6,8 @@
     --apiserver-advertise-address={{ kubernetes_apiserver_advertise_address | default(ansible_default_ipv4.address) }}
     --kubernetes-version {{ kubernetes_version_kubeadm }}
     --ignore-preflight-errors={{ kubernetes_ignore_preflight_errors }}
+    {{ kubernetes_kubeadm_init_extra_opts }}
+
   register: kubeadmin_init
   failed_when: false
   when: kubernetes_init_stat.stat.exists == false