diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
index 41395d1c..f118a7fb 100644
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -1,6 +1,10 @@
 # Changelog
 All notable changes to this project will be documented in this file.
+## [7.6.2] - 2019-12-20
+
+(mbedtls) correct support for using own certificate and private key
+
 ## [7.6.1] - 2019-12-20
 (ws commands) in websocket proxy, disable automatic reconnections + in Dockerfile, use alpine 3.11
diff --git a/ixwebsocket/IXSocketMbedTLS.cpp b/ixwebsocket/IXSocketMbedTLS.cpp
index f10a4d78..c45c7676 100644
--- a/ixwebsocket/IXSocketMbedTLS.cpp
+++ b/ixwebsocket/IXSocketMbedTLS.cpp
@@ -71,11 +71,16 @@ namespace ix
 if (_tlsOptions.hasCertAndKey())
 {
- if (mbedtls_x509_crt_parse_file(&_cacert, _tlsOptions.certFile.c_str()) < 0)
+ if (mbedtls_x509_crt_parse_file(&_cert, _tlsOptions.certFile.c_str()) < 0)
 {
 errMsg = "Cannot parse cert file '" + _tlsOptions.certFile + "'";
 return false;
 }
+ if (mbedtls_pk_parse_keyfile(&_pkey, _tlsOptions.keyFile.c_str(), "") < 0)
+ {
+ errMsg = "Cannot parse key file '" + _tlsOptions.keyFile + "'";
+ return false;
+ }
 }
 if (_tlsOptions.isPeerVerifyDisabled())
@@ -84,7 +89,7 @@ namespace ix
 }
 else
 {
- mbedtls_ssl_conf_ca_chain(&_conf, &_cacert, NULL);
+ mbedtls_ssl_conf_authmode(&_conf, MBEDTLS_SSL_VERIFY_REQUIRED);
 // FIXME: should we call mbedtls_ssl_conf_verify ?
@@ -97,7 +102,13 @@ namespace ix
 errMsg = "Cannot parse CA file '" + _tlsOptions.caFile + "'";
 return false;
 }
- mbedtls_ssl_conf_authmode(&_conf, MBEDTLS_SSL_VERIFY_REQUIRED);
+
+ mbedtls_ssl_conf_ca_chain(&_conf, &_cacert, NULL);
+
+ if (_tlsOptions.hasCertAndKey())
+ {
+ mbedtls_ssl_conf_own_cert(&_conf, &_cert, &_pkey);
+ }
 }
 if (mbedtls_ssl_setup(&_ssl, &_conf) != 0)
diff --git a/ixwebsocket/IXSocketMbedTLS.h b/ixwebsocket/IXSocketMbedTLS.h
index 8ff7e2a0..2bcadac1 100644
--- a/ixwebsocket/IXSocketMbedTLS.h
+++ b/ixwebsocket/IXSocketMbedTLS.h
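Review bot: `mbedtls_pk_parse_keyfile(&_pkey, _tlsOptions.keyFile.c_str(), "")` operates on the newly added `_pkey` member, but nothing in this diff initialises or releases it; mbedtls requires `mbedtls_pk_init(&_pkey)` before the parse and `mbedtls_pk_free(&_pkey)` on teardown, so unless those calls already exist in the init and close paths outside this diff (the IXSocketMbedTLS.h hunk only adds the member), the parse runs on an uninitialised context and the key material leaks. The hard-coded empty password also means an encrypted PEM key fails with the same generic message as a corrupt file; capturing the return code would make that distinguishable, e.g. `int ret = mbedtls_pk_parse_keyfile(&_pkey, _tlsOptions.keyFile.c_str(), "");` and `errMsg = "Cannot parse key file '" + _tlsOptions.keyFile + "' (" + std::to_string(ret) + ")";`. The enclosing function starts before the hunk.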
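Review bot: `mbedtls_ssl_conf_own_cert(&_conf, &_cert, &_pkey)` is only reached inside the `else` branch of `if (_tlsOptions.isPeerVerifyDisabled())`, so a client that disables peer verification but supplies a certificate and key (which the earlier hunk parses unconditionally) never presents it; unless the disabled branch, which lies outside this hunk, has its own call, the `if (_tlsOptions.hasCertAndKey()) { ... }` block should move after the if/else so own-cert configuration is independent of the verification mode. The return value of `mbedtls_ssl_conf_own_cert` is also discarded although it reports allocation failure as non-zero, so it deserves the same check-and-return-false treatment as the parse calls above it. The enclosing function continues past the hunk with the `mbedtls_ssl_setup` call.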
@@ -45,6 +45,7 @@ namespace ix
 mbedtls_ctr_drbg_context _ctr_drbg;
 mbedtls_x509_crt _cacert;
 mbedtls_x509_crt _cert;
+ mbedtls_pk_context _pkey;
 std::mutex _mutex;
 SocketTLSOptions _tlsOptions;
diff --git a/ixwebsocket/IXWebSocketVersion.h b/ixwebsocket/IXWebSocketVersion.h
index ba8076d2..611ea1aa 100644
--- a/ixwebsocket/IXWebSocketVersion.h
+++ b/ixwebsocket/IXWebSocketVersion.h
@@ -6,4 +6,4 @@
 #pragma once
-#define IX_WEBSOCKET_VERSION "7.6.1"
+#define IX_WEBSOCKET_VERSION "7.6.2"