diff --git a/src/common/config.py b/src/common/config.py
index 2cfa73c35..f3a6998d8 100644
--- a/src/common/config.py
+++ b/src/common/config.py
@@ -349,6 +349,7 @@ class Config:
                     'enable_esessions': [opt_bool, True, _('Enable ESessions encryption for this account.')],
                     'autonegotiate_esessions': [opt_bool, True, _('Should Gajim automatically start an encrypted session when possible?')],
                     'connection_types': [ opt_str, 'tls ssl plain', _('Ordered list (space separated) of connection type to try. Can contain tls, ssl or plain')],
+                    'tls_version': [ opt_str, '1.0', '' ],
                     'cipher_list': [ opt_str, 'HIGH:!aNULL:RC4-SHA', '' ],
                     'action_when_plaintext_connection': [ opt_str, 'warn', _('Show a warning dialog before sending password on an plaintext connection. Can be \'warn\', \'connect\', \'disconnect\'') ],
                     'warn_when_insecure_ssl_connection': [ opt_bool, True, _('Show a warning dialog before using standard SSL library.') ],
diff --git a/src/common/connection.py b/src/common/connection.py
index f0d8887a3..3f27510e0 100644
--- a/src/common/connection.py
+++ b/src/common/connection.py
@@ -1239,9 +1239,11 @@ class Connection(CommonConnection, ConnectionHandlers):
             if not os.path.exists(cacerts):
                 cacerts = ''
             mycerts = common.gajim.MY_CACERTS
+            tls_version = gajim.config.get_per('accounts', self.name,
+                'tls_version')
             cipher_list = gajim.config.get_per('accounts', self.name,
                 'cipher_list')
-            secure_tuple = (self._current_type, cacerts, mycerts, cipher_list)
+            secure_tuple = (self._current_type, cacerts, mycerts, tls_version, cipher_list)
 
             con = nbxmpp.NonBlockingClient(
                 domain=self._hostname,