diff --git a/bin/tests/system/rpz/clean.sh b/bin/tests/system/rpz/clean.sh
index 40e12eeb15..f0e4ff43c8 100644
--- a/bin/tests/system/rpz/clean.sh
+++ b/bin/tests/system/rpz/clean.sh
@@ -31,6 +31,7 @@ rm -f ns*/*.key ns*/*.private
 rm -f ns2/tld2s.db ns2/bl.tld2.db
 rm -f ns3/bl*.db ns3/fast-expire.db ns*/empty.db
 rm -f ns3/manual-update-rpz.db
+rm -f ns3/mixed-case-rpz.db
 rm -f ns5/example.db ns5/bl.db ns5/fast-expire.db ns5/expire.conf
 rm -f ns8/manual-update-rpz.db
 rm -f */policy2.db
diff --git a/bin/tests/system/rpz/ns3/mixed-case-rpz-1.db.in b/bin/tests/system/rpz/ns3/mixed-case-rpz-1.db.in
new file mode 100644
index 0000000000..5748942fac
--- /dev/null
+++ b/bin/tests/system/rpz/ns3/mixed-case-rpz-1.db.in
@@ -0,0 +1,14 @@
+; Copyright (C) Internet Systems Consortium, Inc. ("ISC")
+;
+; This Source Code Form is subject to the terms of the Mozilla Public
+; License, v. 2.0. If a copy of the MPL was not distributed with this
+; file, You can obtain one at http://mozilla.org/MPL/2.0/.
+;
+; See the COPYRIGHT file distributed with this work for additional
+; information regarding copyright ownership.
+
+$TTL 300
+@ SOA mixed-case-rpz. hostmaster.ns.mixed-case-rpz. ( 1 3600 1200 604800 60 )
+ NS ns.tld3.
+
+A6-2.TLD2 CNAME .
diff --git a/bin/tests/system/rpz/ns3/mixed-case-rpz-2.db.in b/bin/tests/system/rpz/ns3/mixed-case-rpz-2.db.in
new file mode 100644
index 0000000000..6588135e68
--- /dev/null
+++ b/bin/tests/system/rpz/ns3/mixed-case-rpz-2.db.in
@@ -0,0 +1,15 @@ +; Copyright (C) Internet Systems Consortium, Inc. ("ISC") +; +; This Source Code Form is subject to the terms of the Mozilla Public +; License, v. 2.0. If a copy of the MPL was not distributed with this +; file, You can obtain one at http://mozilla.org/MPL/2.0/. +; +; See the COPYRIGHT file distributed with this work for additional +; information regarding copyright ownership. + +$TTL 300 +@ SOA mixed-case-rpz. hostmaster.ns.mixed-case-rpz. ( 2 3600 1200 604800 60 ) + NS ns.tld3. + +a6-1.tld2 CNAME . +A6-2.TLD2 CNAME . diff --git a/bin/tests/system/rpz/ns3/named.conf.in b/bin/tests/system/rpz/ns3/named.conf.in index f9d1b54980..9ee92483b0 100644 --- a/bin/tests/system/rpz/ns3/named.conf.in +++ b/bin/tests/system/rpz/ns3/named.conf.in @@ -48,6 +48,7 @@ options { zone "bl-tcp-only" policy tcp-only; zone "bl.tld2"; zone "manual-update-rpz"; + zone "mixed-case-rpz"; } add-soa yes min-ns-dots 0 @@ -114,6 +115,12 @@ zone "manual-update-rpz." { notify no; }; +zone "mixed-case-rpz." { + type primary; + file "mixed-case-rpz.db"; + notify no; +}; + zone "fast-expire." { type secondary; file "fast-expire.db"; diff --git a/bin/tests/system/rpz/setup.sh b/bin/tests/system/rpz/setup.sh index 815e4a6f7b..93cb3ecb73 100644 --- a/bin/tests/system/rpz/setup.sh +++ b/bin/tests/system/rpz/setup.sh @@ -73,6 +73,8 @@ done cp ns3/manual-update-rpz.db.in ns3/manual-update-rpz.db cp ns8/manual-update-rpz.db.in ns8/manual-update-rpz.db +cp ns3/mixed-case-rpz-1.db.in ns3/mixed-case-rpz.db + # a zone that expires quickly and then can't be refreshed cp ns5/fast-expire.db.in ns5/fast-expire.db cp ns5/expire.conf.in ns5/expire.conf diff --git a/bin/tests/system/rpz/tests.sh b/bin/tests/system/rpz/tests.sh index 0e82331ac9..d73ccb939e 100644 --- a/bin/tests/system/rpz/tests.sh +++ b/bin/tests/system/rpz/tests.sh 
@@ -823,6 +823,24 @@ EOF # ensure previous RPZ rules still apply. $DIG -p ${PORT} @$ns3 walled.tld2 > dig.out.$t.after grep "walled\.tld2\..*IN.*A.*10\.0\.0\.1" dig.out.$t.after > /dev/null || setret "failed" + + t=`expr $t + 1` + echo_i "checking reload of a mixed-case RPZ zone (${t})" + # First, a sanity check: the A6-2.TLD2.mixed-case-rpz RPZ record should + # cause a6-2.tld2 NOERROR answers to be rewritten to NXDOMAIN answers. + $DIG -p ${PORT} @$ns3 a6-2.tld2. A > dig.out.$t.before + grep "status: NXDOMAIN" dig.out.$t.before >/dev/null || setret "failed" + # Add a sibling name (a6-1.tld2.mixed-case-rpz, with "tld2" in lowercase + # rather than uppercase) before A6-2.TLD.mixed-case-rpz. + nextpart ns3/named.run > /dev/null + cp ns3/mixed-case-rpz-2.db.in ns3/mixed-case-rpz.db + rndc_reload ns3 $ns3 mixed-case-rpz + wait_for_log 20 "rpz: mixed-case-rpz: reload done" ns3/named.run + # a6-2.tld2 NOERROR answers should still be rewritten to NXDOMAIN answers. + # (The bug we try to trigger here caused a6-2.tld2.mixed-case-rpz to be + # erroneously removed from the summary RPZ database after reload.) + $DIG -p ${PORT} @$ns3 a6-2.tld2. A > dig.out.$t.after + grep "status: NXDOMAIN" dig.out.$t.after >/dev/null || setret "failed" fi t=`expr $t + 1` diff --git a/lib/dns/rpz.c b/lib/dns/rpz.c index 8d8c459ca9..6c02fe5a8d 100644 --- a/lib/dns/rpz.c +++ b/lib/dns/rpz.c @@ -2008,6 +2008,7 @@ update_quantum(isc_task_t *task, isc_event_t *event) { continue; } + dns_name_downcase(name, name, NULL); result = isc_ht_add(rpz->newnodes, name->ndata, name->length, rpz); if (result != ISC_R_SUCCESS) {
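Review bot: The `wait_for_log 20 "rpz: mixed-case-rpz: reload done" ns3/named.run` line in the new test block discards its result, so if the reload message never appears the second `dig` still runs against the old zone contents and the NXDOMAIN check passes without the reload path having been exercised. Assuming wait_for_log returns non-zero on timeout (its definition is not on this page), the line should read `wait_for_log 20 "rpz: mixed-case-rpz: reload done" ns3/named.run || setret "failed"`. The comment above `nextpart` also names `A6-2.TLD.mixed-case-rpz`, while the zone files use `A6-2.TLD2`. The enclosing `if` block starts outside the hunk.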
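Review bot: The added `dns_name_downcase(name, name, NULL);` in update_quantum() carries no comment saying why the key is normalised, and its result, if it returns one, is dropped. The following `isc_ht_add()` call is keyed on `name->ndata` and `name->length`, so it appears that two spellings of the same DNS name hash to different entries, which is presumably how a policy record went missing after reload. A comment such as `/* Hash keys are raw name bytes; fold case so the same DNS name always maps to one entry. */` would record that, and a `(void)` cast or a result check before `isc_ht_add()` would make the error handling explicit. Code that looks these keys up in `rpz->newnodes`, or in the table it replaces, is outside this hunk and needs the same case folding. update_quantum() itself starts and ends outside the hunk.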