diff --git a/config/config.go b/config/config.go
index c71dd92..6828782 100644
--- a/config/config.go
+++ b/config/config.go
@@ -24,6 +24,7 @@ mqtt-port = {{ .PlmntConfig.MqttPort }}
 mqtt-user = "{{ .PlmntConfig.MqttUser }}"
 mqtt-password = "{{ .PlmntConfig.MqttPassword }}"
 claim-host = "{{ .PlmntConfig.ClaimHost }}"
+mqtt-tls = {{ .PlmntConfig.MqttTLS }}
 `
 
 // Config defines Planetmint's top level configuration
@@ -41,6 +42,7 @@ type Config struct {
 	MqttUser         string `json:"mqtt-user"         mapstructure:"mqtt-user"`
 	MqttPassword     string `json:"mqtt-password"     mapstructure:"mqtt-password"`
 	ClaimHost        string `json:"claim-host"        mapstructure:"claim-host"`
+	MqttTLS          bool   `json:"mqtt-tls"          mapstructure:"mqtt-tls"`
 }
 
 // cosmos-sdk wide global singleton
@@ -61,10 +63,11 @@ func DefaultConfig() *Config {
 		RPCWallet:        "rpcwallet",
 		ValidatorAddress: "plmnt1w5dww335zhh98pzv783hqre355ck3u4w4hjxcx",
 		MqttDomain:       "testnet-mqtt.rddl.io",
-		MqttPort:         1885,
+		MqttPort:         1886,
 		MqttUser:         "user",
 		MqttPassword:     "password",
 		ClaimHost:        "testnet-p2r.rddl.io",
+		MqttTLS:          true,
 	}
 }
 
diff --git a/monitor/mqtt_monitor.go b/monitor/mqtt_monitor.go
index c3830b5..6029788 100644
--- a/monitor/mqtt_monitor.go
+++ b/monitor/mqtt_monitor.go
@@ -1,6 +1,7 @@
 package monitor
 
 import (
+	"crypto/tls"
 	"math/rand"
 	"net"
 	"strconv"
@@ -51,11 +52,19 @@ func LazyLoadMonitorMQTTClient() {
 	conf := config.GetConfig()
 	hostPort := net.JoinHostPort(conf.MqttDomain, strconv.FormatInt(int64(conf.MqttPort), 10))
 	uri := "tcp://" + hostPort
+	if conf.MqttTLS {
+		uri = "ssl://" + hostPort
+	}
 
 	opts := mqtt.NewClientOptions().AddBroker(uri)
 	opts.SetClientID(conf.ValidatorAddress + "-monitor")
 	opts.SetUsername(conf.MqttUser)
 	opts.SetPassword(conf.MqttPassword)
+	if conf.MqttTLS {
+		tlsConfig := &tls.Config{}
+		opts.SetTLSConfig(tlsConfig)
+	}
+
 	MonitorMQTTClient = mqtt.NewClient(opts)
 }
 
diff --git a/util/mqtt.go b/util/mqtt.go
index 111968b..a288235 100644
--- a/util/mqtt.go
+++ b/util/mqtt.go
@@ -1,6 +1,7 @@
 package util
 
 import (
+	"crypto/tls"
 	"encoding/json"
 	"net"
 	"strconv"
@@ -42,11 +43,19 @@ func LazyLoadMQTTClient() {
 	conf := config.GetConfig()
 	hostPort := net.JoinHostPort(conf.MqttDomain, strconv.FormatInt(int64(conf.MqttPort), 10))
 	uri := "tcp://" + hostPort
+	if conf.MqttTLS {
+		uri = "ssl://" + hostPort
+	}
 
 	opts := mqtt.NewClientOptions().AddBroker(uri)
 	opts.SetClientID(conf.ValidatorAddress)
 	opts.SetUsername(conf.MqttUser)
 	opts.SetPassword(conf.MqttPassword)
+	if conf.MqttTLS {
+		tlsConfig := &tls.Config{}
+		opts.SetTLSConfig(tlsConfig)
+	}
+
 	MQTTClient = mqtt.NewClient(opts)
 }