diff --git a/include/re_tls.h b/include/re_tls.h
index 5fe957100..59baf162f 100644
--- a/include/re_tls.h
+++ b/include/re_tls.h
@@ -4,13 +4,20 @@
  * Copyright (C) 2010 Creytiv.com
  */
+#ifdef USE_OPENSSL
+#include
+#endif
+
 struct tls;
 struct tls_conn;
 struct tcp_conn;
 struct udp_sock;
+
+#ifndef USE_OPENSSL
 struct ssl_ctx_st;
 typedef struct ssl_ctx_st SSL_CTX;
+#endif
 /** Defines the TLS method */
@@ -122,5 +129,7 @@ void dtls_recv_packet(struct dtls_sock *sock, const struct sa *src,
 #ifdef USE_OPENSSL
-struct ssl_ctx_st *tls_openssl_context(const struct tls *tls);
+SSL_CTX *tls_openssl_context(const struct tls *tls);
+int tls_set_certificate_openssl(struct tls *tls, X509* cert, EVP_PKEY* pkey,
+		bool up_ref);
 #endif
diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c
index 2366f5547..ee79653d7 100644
--- a/src/tls/openssl/tls.c
+++ b/src/tls/openssl/tls.c
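Review bot: The declaration of tls_set_certificate_openssl carries no doc comment, so a reader of the header alone cannot see the ownership contract of `up_ref` (the caller keeps its reference when true; the certificate is handed to the TLS context when false); a one-line note belongs on the declaration, e.g. `/** Set cert+key on tls; with up_ref=false ownership of cert moves to tls on success */`. The pointer declarators `X509* cert, EVP_PKEY* pkey` differ from the file's `struct tls *tls` style; `X509 *cert, EVP_PKEY *pkey` would match. The prototype also uses `bool`, which requires `<stdbool.h>` to be in scope before this header is included unless re_tls.h already gets it from elsewhere; the `#include` added earlier in this file has its target missing in this rendering, so I cannot tell what it pulls in.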
@@ -708,6 +708,55 @@ int tls_set_selfsigned_rsa(struct tls *tls, const char *cn, size_t bits)
 	return err;
 }
+/**
+ * Set the certificate and private key on a TLS context
+ *
+ * @param tls TLS Context
+ * @param cert Certificate
+ * @param pkey Private key
+ * @param up_ref If true, increment reference count of the certificate if
+ * successfully set.
+ * If false, the reference count is not incremented and
+ * the ownership of the certificate is passed to the TLS
+ * context.
+ *
+ * @return 0 if success, otherwise errorcode
+ */
+int tls_set_certificate_openssl(struct tls *tls, X509* cert, EVP_PKEY* pkey,
+		bool up_ref)
+{
+	int r, err = ENOMEM;
+
+	if (!tls || !cert || !pkey)
+		return EINVAL;
+
+	r = SSL_CTX_use_certificate(tls->ctx, cert);
+	if (r != 1)
+		goto out;
+
+	r = SSL_CTX_use_PrivateKey(tls->ctx, pkey);
+	if (r != 1) {
+		DEBUG_WARNING("set_certificate_openssl: use_PrivateKey" " failed\n");
+		goto out;
+	}
+
+	if (tls->cert)
+		X509_free(tls->cert);
+
+	tls->cert = cert;
+
+	if (up_ref)
+		X509_up_ref(tls->cert);
+
+	err = 0;
+
+out:
+	if (err)
+		ERR_clear_error();
+
+	return err;
+}
 /**
  * Set the certificate and private key on a TLS context
@@ -1294,7 +1343,7 @@ void tls_flush_error(void)
  *
  * @return OpenSSL context
  */
-struct ssl_ctx_st *tls_openssl_context(const struct tls *tls)
+SSL_CTX *tls_openssl_context(const struct tls *tls)
 {
 	return tls ? tls->ctx : NULL;
 }
@@ -1592,7 +1641,7 @@ static bool remove_handler(struct le *le, void *arg)
 }
-static void session_remove_cb(struct ssl_ctx_st *ctx, SSL_SESSION *sess)
+static void session_remove_cb(SSL_CTX *ctx, SSL_SESSION *sess)
 {
 	struct tls *tls = SSL_SESSION_get_ex_data(sess, 0);
 	(void) ctx;
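Review bot: tls_set_certificate_openssl leaves the context half-updated when `SSL_CTX_use_PrivateKey` fails: `SSL_CTX_use_certificate` has already replaced the context's certificate, yet `tls->cert` still points at the previous one and the previous key stays installed, and nothing confirms that `pkey` actually belongs to `cert`. Add `if (!SSL_CTX_check_private_key(tls->ctx)) goto out;` after the private-key call so a mismatched pair is rejected before the function reports success. Both OpenSSL failures are reported as `ENOMEM` (the initial value of `err`), which misdescribes a rejected certificate or key; returning `EINVAL` for those paths, and logging the `ERR_get_error` reason before `ERR_clear_error()` discards it, would give callers something actionable. Taking the new reference before dropping the old one, `if (up_ref) X509_up_ref(cert);` ahead of `X509_free(tls->cert)`, keeps the aliasing case where `cert == tls->cert` safe without relying on the context's own reference.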