diff --git a/server.go b/server.go
index 352597b..5dfbee5 100644
--- a/server.go
+++ b/server.go
@@ -38,6 +38,7 @@ type Server struct {
 	handler                 Handler
 	lastError               error
 	readTimeoutMilliseconds int64
+	tlsHandshakeTimeout     time.Duration
 	tlsPeerNameFunc         TlsPeerNameFunc
 	datagramPool            sync.Pool
 }
@@ -66,6 +67,10 @@ func (s *Server) SetTimeout(millseconds int64) {
 	s.readTimeoutMilliseconds = millseconds
 }
 
+func (s *Server) SetTlsHandshakeTimeout(d time.Duration) {
+	s.tlsHandshakeTimeout = d
+}
+
 // Set the function that extracts a TLS peer name from the TLS connection
 func (s *Server) SetTlsPeerNameFunc(tlsPeerNameFunc TlsPeerNameFunc) {
 	s.tlsPeerNameFunc = tlsPeerNameFunc
@@ -206,6 +211,9 @@ func (s *Server) goScanConnection(connection net.Conn) {
 	tlsPeer := ""
 	if tlsConn, ok := connection.(*tls.Conn); ok {
 		// Handshake now so we get the TLS peer information
+		if s.tlsHandshakeTimeout > 0 {
+			tlsConn.SetDeadline(time.Now().Add(s.tlsHandshakeTimeout))
+		}
 		if err := tlsConn.Handshake(); err != nil {
 			connection.Close()
 			return