diff --git a/org.eclipse.paho.client.mqttv3/src/main/java/org/eclipse/paho/client/mqttv3/internal/SSLNetworkModule.java b/org.eclipse.paho.client.mqttv3/src/main/java/org/eclipse/paho/client/mqttv3/internal/SSLNetworkModule.java
index 56baaa321..4b3cb1ecd 100644
--- a/org.eclipse.paho.client.mqttv3/src/main/java/org/eclipse/paho/client/mqttv3/internal/SSLNetworkModule.java
+++ b/org.eclipse.paho.client.mqttv3/src/main/java/org/eclipse/paho/client/mqttv3/internal/SSLNetworkModule.java
@@ -136,12 +136,11 @@ public void start() throws IOException, MqttException {
 		socket.setSoTimeout(this.handshakeTimeoutSecs * 1000);
 		
 		// SNI support.  Should be automatic under some circumstances - not all, apparently
+		SSLParameters sslParameters = ((SSLSocket)socket).getSSLParameters();
 		try {
-			SSLParameters sslParameters = new SSLParameters();
 			List<SNIServerName> sniHostNames = new ArrayList<SNIServerName>(1);
 			sniHostNames.add(new SNIHostName(host));
 			sslParameters.setServerNames(sniHostNames);
-			((SSLSocket)socket).setSSLParameters(sslParameters);
 		} catch(NoClassDefFoundError e) {
 			// Android < 7.0
 		}
@@ -149,13 +148,13 @@ public void start() throws IOException, MqttException {
 		// If default Hostname verification is enabled, use the same method that is used with HTTPS
 		if(this.httpsHostnameVerificationEnabled) {
 			try {
-				SSLParameters sslParams = new SSLParameters();
-				sslParams.setEndpointIdentificationAlgorithm("HTTPS");
-				((SSLSocket) socket).setSSLParameters(sslParams);
+				sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
 			} catch(NoSuchMethodError e) {
 				// Android < 7.0
 			}
 		}
+		((SSLSocket)socket).setSSLParameters(sslParameters);
+
 		((SSLSocket) socket).startHandshake();
 		if (hostnameVerifier != null && !this.httpsHostnameVerificationEnabled) {
 			SSLSession session = ((SSLSocket) socket).getSession();
diff --git a/org.eclipse.paho.mqttv5.client/src/main/java/org/eclipse/paho/mqttv5/client/internal/SSLNetworkModule.java b/org.eclipse.paho.mqttv5.client/src/main/java/org/eclipse/paho/mqttv5/client/internal/SSLNetworkModule.java
index 54491475d..f588dec96 100644
--- a/org.eclipse.paho.mqttv5.client/src/main/java/org/eclipse/paho/mqttv5/client/internal/SSLNetworkModule.java
+++ b/org.eclipse.paho.mqttv5.client/src/main/java/org/eclipse/paho/mqttv5/client/internal/SSLNetworkModule.java
@@ -130,19 +130,18 @@ public void start() throws IOException, MqttException {
 		socket.setSoTimeout(this.handshakeTimeoutSecs * 1000);
 
 		// SNI support.  Should be automatic under some circumstances - not all, apparently
-		SSLParameters sslParameters = new SSLParameters();
+		SSLParameters sslParameters = ((SSLSocket)socket).getSSLParameters();
 		List<SNIServerName> sniHostNames = new ArrayList<SNIServerName>(1);
 		sniHostNames.add(new SNIHostName(host));
 		sslParameters.setServerNames(sniHostNames);
-		((SSLSocket)socket).setSSLParameters(sslParameters);
 
 		// If default Hostname verification is enabled, use the same method that is used with HTTPS
 		if (this.httpsHostnameVerificationEnabled) {
-			SSLParameters sslParams = new SSLParameters();
-			sslParams.setEndpointIdentificationAlgorithm("HTTPS");
-			((SSLSocket) socket).setSSLParameters(sslParams);	
+			sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
 		}
 
+		((SSLSocket) socket).setSSLParameters(sslParameters);
+
 		((SSLSocket) socket).startHandshake();
 		if (hostnameVerifier != null) {
 			SSLSession session = ((SSLSocket) socket).getSession();