diff --git a/config/config.go b/config/config.go
index 282c52c..c726e3f 100644
--- a/config/config.go
+++ b/config/config.go
@@ -23,6 +23,7 @@ mqtt-domain = "{{ .PlmntConfig.MqttDomain }}"
 mqtt-port = {{ .PlmntConfig.MqttPort }}
 mqtt-user = "{{ .PlmntConfig.MqttUser }}"
 mqtt-password = "{{ .PlmntConfig.MqttPassword }}"
+mqtt-tls = "{{ .PlmntConfig.MqttTLS }}"
 
 `
 
@@ -40,6 +41,7 @@ type Config struct {
 	MqttPort         int    `json:"mqtt-port"         mapstructure:"mqtt-port"`
 	MqttUser         string `json:"mqtt-user"         mapstructure:"mqtt-user"`
 	MqttPassword     string `json:"mqtt-password"     mapstructure:"mqtt-password"`
+	MqttTLS          bool   `json:"mqtt-tls"          mapstructure:"mqtt-tls"`
 }
 
 // cosmos-sdk wide global singleton
@@ -63,6 +65,7 @@ func DefaultConfig() *Config {
 		MqttPort:         1885,
 		MqttUser:         "user",
 		MqttPassword:     "password",
+		MqttTLS:          true,
 	}
 }
 
diff --git a/monitor/mqtt_monitor.go b/monitor/mqtt_monitor.go
index c3830b5..6029788 100644
--- a/monitor/mqtt_monitor.go
+++ b/monitor/mqtt_monitor.go
@@ -1,6 +1,7 @@
 package monitor
 
 import (
+	"crypto/tls"
 	"math/rand"
 	"net"
 	"strconv"
@@ -51,11 +52,19 @@ func LazyLoadMonitorMQTTClient() {
 	conf := config.GetConfig()
 	hostPort := net.JoinHostPort(conf.MqttDomain, strconv.FormatInt(int64(conf.MqttPort), 10))
 	uri := "tcp://" + hostPort
+	if conf.MqttTLS {
+		uri = "ssl://" + hostPort
+	}
 
 	opts := mqtt.NewClientOptions().AddBroker(uri)
 	opts.SetClientID(conf.ValidatorAddress + "-monitor")
 	opts.SetUsername(conf.MqttUser)
 	opts.SetPassword(conf.MqttPassword)
+	if conf.MqttTLS {
+		tlsConfig := &tls.Config{}
+		opts.SetTLSConfig(tlsConfig)
+	}
+
 	MonitorMQTTClient = mqtt.NewClient(opts)
 }
 
diff --git a/util/mqtt.go b/util/mqtt.go
index 111968b..a288235 100644
--- a/util/mqtt.go
+++ b/util/mqtt.go
@@ -1,6 +1,7 @@
 package util
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"net"
 	"strconv"
@@ -42,11 +43,19 @@ func LazyLoadMQTTClient() {
 	conf := config.GetConfig()
 	hostPort := net.JoinHostPort(conf.MqttDomain, strconv.FormatInt(int64(conf.MqttPort), 10))
 	uri := "tcp://" + hostPort
+	if conf.MqttTLS {
+		uri = "ssl://" + hostPort
+	}
 
 	opts := mqtt.NewClientOptions().AddBroker(uri)
 	opts.SetClientID(conf.ValidatorAddress)
 	opts.SetUsername(conf.MqttUser)
 	opts.SetPassword(conf.MqttPassword)
+	if conf.MqttTLS {
+		tlsConfig := &tls.Config{}
+		opts.SetTLSConfig(tlsConfig)
+	}
+
 	MQTTClient = mqtt.NewClient(opts)
 }