diff --git a/changelog/11288.txt b/changelog/11288.txt
new file mode 100644
index 000000000..6f0e95c8f
--- /dev/null
+++ b/changelog/11288.txt
@@ -0,0 +1,3 @@
+```release-note:bug
+agent: Fixed agent templating to use configured tls servername values
+```
diff --git a/command/agent/template/template.go b/command/agent/template/template.go
index 6591e9a18..9396d1f82 100644
--- a/command/agent/template/template.go
+++ b/command/agent/template/template.go
@@ -274,12 +274,13 @@ func newRunnerConfig(sc *ServerConfig, templates ctconfig.TemplateConfigs) (*ctc
 		skipVerify := sc.AgentConfig.Vault.TLSSkipVerify
 		verify := !skipVerify
 		conf.Vault.SSL = &ctconfig.SSLConfig{
-			Enabled: pointerutil.BoolPtr(true),
-			Verify:  &verify,
-			Cert:    &sc.AgentConfig.Vault.ClientCert,
-			Key:     &sc.AgentConfig.Vault.ClientKey,
-			CaCert:  &sc.AgentConfig.Vault.CACert,
-			CaPath:  &sc.AgentConfig.Vault.CAPath,
+			Enabled:    pointerutil.BoolPtr(true),
+			Verify:     &verify,
+			Cert:       &sc.AgentConfig.Vault.ClientCert,
+			Key:        &sc.AgentConfig.Vault.ClientKey,
+			CaCert:     &sc.AgentConfig.Vault.CACert,
+			CaPath:     &sc.AgentConfig.Vault.CAPath,
+			ServerName: &sc.AgentConfig.Vault.TLSServerName,
 		}
 	}
 	enabled := attempts > 0