diff --git a/src/WebSockets.h b/src/WebSockets.h
index 32f83bb..4defcf6 100644
--- a/src/WebSockets.h
+++ b/src/WebSockets.h
@@ -118,6 +118,7 @@ typedef struct {
 #if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
 bool isSSL; ///< run in ssl mode
 WiFiClientSecure * ssl;
+ const char * fingerprint;
 #endif
 String cUrl; ///< http url
diff --git a/src/WebSocketsClient.cpp b/src/WebSocketsClient.cpp
index 9d2edeb..71536fe 100644
--- a/src/WebSocketsClient.cpp
+++ b/src/WebSocketsClient.cpp
@@ -47,6 +47,7 @@ void WebSocketsClient::begin(const char *host, uint16_t port, const char * url)
 #if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
 _client.isSSL = false;
 _client.ssl = NULL;
+ _client.fingerprint = NULL;
 #endif
 _client.cUrl = url;
 _client.cCode = 0;
@@ -79,6 +80,17 @@ void WebSocketsClient::beginSSL(const char *host, uint16_t port, const char * ur
 void WebSocketsClient::beginSSL(String host, uint16_t port, String url) {
 beginSSL(host.c_str(), port, url.c_str());
 }
+
+void WebSocketsClient::beginSSL(const char *host, uint16_t port, const char * url, const char * fingerprint) {
+ begin(host, port, url);
+ _client.isSSL = true;
+ _client.fingerprint = fingerprint;
+}
+
+void WebSocketsClient::beginSSL(String host, uint16_t port, String url, const char * fingerprint) {
+ beginSSL(host.c_str(), port, url.c_str());
+ _client.fingerprint = fingerprint;
+}
 #endif
 /**
@@ -124,6 +136,13 @@ void WebSocketsClient::loop(void) {
 #if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
 _client.tcp->setNoDelay(true);
+
+ if (_client.isSSL && _client.fingerprint != NULL) {
+ if (!(((WiFiClientSecure*)_client.tcp)->verify(_client.fingerprint, _host.c_str()))) {
+ DEBUG_WEBSOCKETS("[WS-Client] certificate mismatch\n");
+ return;
+ }
+ }
 #endif
 // send Header to Server
diff --git a/src/WebSocketsClient.h b/src/WebSocketsClient.h
index 588e951..7b5c29a 100644
--- a/src/WebSocketsClient.h
+++ b/src/WebSocketsClient.h
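Review bot: The new `const char * fingerprint;` member in the `WebSockets.h` hunk is a borrowed pointer, and both new `beginSSL` overloads in `WebSocketsClient.cpp` store the caller's pointer without copying it. It is dereferenced only later, when `loop()` calls `verify()`, so a caller that passes a stack buffer or the `c_str()` of a temporary `String` leaves the pinning check reading memory that is no longer valid. The neighbouring `cUrl` member is an owning `String`; declaring `String fingerprint;`, resetting it with `_client.fingerprint = "";` in `begin()` and testing `_client.fingerprint.length()` in `loop()` would remove the lifetime requirement. The struct begins and ends outside the hunk.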
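Review bot: The `String` overload of `beginSSL` added in `WebSocketsClient.cpp` repeats the fingerprint assignment instead of delegating; making `beginSSL(host.c_str(), port, url.c_str(), fingerprint);` its only statement keeps the four-argument logic in one place. Neither new overload has a doc comment, although the file uses `/** ... */` blocks (one opens right after the `#endif` in this hunk). A short block saying that the fingerprint is handed to `WiFiClientSecure::verify()` and that a NULL fingerprint means no check is made would tell callers what they are opting into.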
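Review bot: On a fingerprint mismatch the block added to `WebSocketsClient::loop` only logs and returns, so the TLS socket to the unverified peer stays open. Whether the next `loop()` call reconnects or treats the still-open socket as connected and never reaches this check again depends on code outside the hunk, so the failure path should close the connection itself, for example `_client.tcp->stop();` before `return;`. If `DEBUG_WEBSOCKETS` is compiled out, the application also gets no signal that pinning failed, so reporting the failure through the client's existing disconnect or error path would make it observable. The C-style cast `(WiFiClientSecure*)_client.tcp` could be a `static_cast`. `loop` begins and ends outside the hunk.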
@@ -42,6 +42,8 @@ class WebSocketsClient: private WebSockets {
 #if (WEBSOCKETS_NETWORK_TYPE == NETWORK_ESP8266)
 void beginSSL(const char *host, uint16_t port, const char * url = "/");
 void beginSSL(String host, uint16_t port, String url = "/");
+ void beginSSL(const char *host, uint16_t port, const char * url, const char * fingerprint);
+ void beginSSL(String host, uint16_t port, String url, const char * fingerprint);
 #endif
 void loop(void);
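Review bot: The two `beginSSL` declarations added to `WebSocketsClient.h` are the public entry point for certificate pinning but carry no comment. Judging from the `loop()` hunk in `WebSocketsClient.cpp`, the check runs only when a fingerprint was supplied, so the existing overloads without that argument appear to connect without it, which is worth stating next to them. A comment such as `///< fingerprint: passed to WiFiClientSecure::verify(); the pointer is stored, not copied, and must stay valid until the connection is established` would cover both the format and the lifetime contract. The class body continues outside the hunk.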