diff --git a/ixwebsocket/IXSocketServer.cpp b/ixwebsocket/IXSocketServer.cpp
index aaab3ef7..3978511f 100644
--- a/ixwebsocket/IXSocketServer.cpp
+++ b/ixwebsocket/IXSocketServer.cpp
@@ -270,7 +270,7 @@ namespace ix
 
             // create socket
             std::string errorMsg;
-            bool tls = false;
+            bool tls = _socketTLSOptions.tls;
             auto socket = createSocket(tls, clientFd, errorMsg, _socketTLSOptions);
 
             if (socket == nullptr)
diff --git a/ixwebsocket/IXSocketTLSOptions.h b/ixwebsocket/IXSocketTLSOptions.h
index 1bfe9449..5c8dd467 100644
--- a/ixwebsocket/IXSocketTLSOptions.h
+++ b/ixwebsocket/IXSocketTLSOptions.h
@@ -18,15 +18,21 @@ namespace ix
 
         // the certificate presented to peers
         std::string certFile;
+
         // the key used for signing/encryption
         std::string keyFile;
+
         // the ca certificate (or certificate bundle) file containing
         // certificates to be trusted by peers; use 'SYSTEM' to
         // leverage the system defaults, use 'NONE' to disable peer verification
         std::string caFile = "SYSTEM";
 
+        // list of ciphers (rsa, etc...)
         std::string ciphers = "DEFAULT";
 
+        // whether tls is enabled, used for server code
+        bool tls = false;
+
         bool hasCertAndKey() const;
 
         bool isUsingSystemDefaults() const;
diff --git a/ws/ws.cpp b/ws/ws.cpp
index 9b26603b..9e916d6a 100644
--- a/ws/ws.cpp
+++ b/ws/ws.cpp
@@ -102,6 +102,9 @@ int main(int argc, char** argv)
         app->add_option("--ciphers",
                         tlsOptions.ciphers,
                         "A (comma/space/colon) separated list of ciphers to use for TLS");
+        app->add_flag("--tls",
+                      tlsOptions.tls,
+                      "Enable TLS");
     };
 
     app.add_flag("--version", version, "Connection url");