diff --git a/include/asterisk/tcptls.h b/include/asterisk/tcptls.h
index 883cb9229ef91c4236dba62f1b364bfda1e37c98..1e3a7524bf8c33ef496f8187d910563ffee74d1c 100644
--- a/include/asterisk/tcptls.h
+++ b/include/asterisk/tcptls.h
@@ -94,6 +94,9 @@ struct ast_tls_config {
 	char *capath;
 	struct ast_flags flags;
 	SSL_CTX *ssl_ctx;
+	char certhash[41];
+	char pvthash[41];
+	char cahash[41];
 };
 
 /*! \page AstTlsOverview TLS Implementation Overview
@@ -138,6 +141,7 @@ struct ast_tcptls_session_args {
 	void (*periodic_fn)(void *);/*!< something we may want to run before after select on the accept socket */
 	void *(*worker_fn)(void *); /*!< the function in charge of doing the actual work */
 	const char *name;
+	struct ast_tls_config *old_tls_cfg; /*!< copy of the SSL configuration to determine whether changes have been made */
 };
 
 /*! \brief
diff --git a/main/tcptls.c b/main/tcptls.c
index 6b040ae3e706cbe55a94cc98ab98959f76ccec2a..b20e04ef8c5fd7c090743ba8eb47364ef88ee0b8 100644
--- a/main/tcptls.c
+++ b/main/tcptls.c
@@ -36,6 +36,7 @@
 #endif
 
 #include <signal.h>
+#include <sys/stat.h>
 
 #include "asterisk/compat.h"
 #include "asterisk/tcptls.h"
@@ -46,6 +47,7 @@
 #include "asterisk/manager.h"
 #include "asterisk/astobj2.h"
 #include "asterisk/pbx.h"
+#include "asterisk/app.h"
 
 static void session_instance_destructor(void *obj)
 {
@@ -588,9 +590,64 @@ void ast_tcptls_server_start(struct ast_tcptls_session_args *desc)
 {
 	int flags;
 	int x = 1;
+	int tls_changed = 0;
+
+	if (desc->tls_cfg) {
+		char hash[41];
+		char *str = NULL;
+		struct stat st;
+
+		/* Store the hashes of the TLS certificate etc. */
+		if (stat(desc->tls_cfg->certfile, &st) || NULL == (str = ast_read_textfile(desc->tls_cfg->certfile))) {
+			memset(hash, 0, 41);
+		} else {
+			ast_sha1_hash(hash, str);
+		}
+		ast_free(str);
+		str = NULL;
+		memcpy(desc->tls_cfg->certhash, hash, 41);
+		if (stat(desc->tls_cfg->pvtfile, &st) || NULL == (str = ast_read_textfile(desc->tls_cfg->pvtfile))) {
+			memset(hash, 0, 41);
+		} else {
+			ast_sha1_hash(hash, str);
+		}
+		ast_free(str);
+		str = NULL;
+		memcpy(desc->tls_cfg->pvthash, hash, 41);
+		if (stat(desc->tls_cfg->cafile, &st) || NULL == (str = ast_read_textfile(desc->tls_cfg->cafile))) {
+			memset(hash, 0, 41);
+		} else {
+			ast_sha1_hash(hash, str);
+		}
+		ast_free(str);
+		str = NULL;
+		memcpy(desc->tls_cfg->cahash, hash, 41);
+
+		/* Check whether TLS configuration has changed */
+		if (!desc->old_tls_cfg) { /* No previous configuration */
+			tls_changed = 1;
+			desc->old_tls_cfg = ast_calloc(1, sizeof(*desc->old_tls_cfg));
+		} else if (memcmp(desc->tls_cfg->certhash, desc->old_tls_cfg->certhash, 41)) {
+			tls_changed = 1;
+		} else if (memcmp(desc->tls_cfg->pvthash, desc->old_tls_cfg->pvthash, 41)) {
+			tls_changed = 1;
+		} else if (strcmp(desc->tls_cfg->cipher, desc->old_tls_cfg->cipher)) {
+			tls_changed = 1;
+		} else if (memcmp(desc->tls_cfg->cahash, desc->old_tls_cfg->cahash, 41)) {
+			tls_changed = 1;
+		} else if (strcmp(desc->tls_cfg->capath, desc->old_tls_cfg->capath)) {
+			tls_changed = 1;
+		} else if (memcmp(&desc->tls_cfg->flags, &desc->old_tls_cfg->flags, sizeof(desc->tls_cfg->flags))) {
+			tls_changed = 1;
+		}
+
+		if (tls_changed) {
+			ast_debug(1, "Changed parameters for %s found\n", desc->name);
+		}
+	}
 
 	/* Do nothing if nothing has changed */
-	if (!ast_sockaddr_cmp(&desc->old_address, &desc->local_address)) {
+	if (!tls_changed && !ast_sockaddr_cmp(&desc->old_address, &desc->local_address)) {
 		ast_debug(1, "Nothing changed in %s\n", desc->name);
 		return;
 	}
@@ -646,6 +703,22 @@ void ast_tcptls_server_start(struct ast_tcptls_session_args *desc)
 
 	/* Set current info */
 	ast_sockaddr_copy(&desc->old_address, &desc->local_address);
+	if (desc->old_tls_cfg) {
+		ast_free(desc->old_tls_cfg->certfile);
+		ast_free(desc->old_tls_cfg->pvtfile);
+		ast_free(desc->old_tls_cfg->cipher);
+		ast_free(desc->old_tls_cfg->cafile);
+		ast_free(desc->old_tls_cfg->capath);
+		desc->old_tls_cfg->certfile = ast_strdup(desc->tls_cfg->certfile);
+		desc->old_tls_cfg->pvtfile = ast_strdup(desc->tls_cfg->pvtfile);
+		desc->old_tls_cfg->cipher = ast_strdup(desc->tls_cfg->cipher);
+		desc->old_tls_cfg->cafile = ast_strdup(desc->tls_cfg->cafile);
+		desc->old_tls_cfg->capath = ast_strdup(desc->tls_cfg->capath);
+		memcpy(desc->old_tls_cfg->certhash, desc->tls_cfg->certhash, 41);
+		memcpy(desc->old_tls_cfg->pvthash, desc->tls_cfg->pvthash, 41);
+		memcpy(desc->old_tls_cfg->cahash, desc->tls_cfg->cahash, 41);
+		memcpy(&desc->old_tls_cfg->flags, &desc->tls_cfg->flags, sizeof(desc->old_tls_cfg->flags));
+	}
 
 	return;
 
@@ -676,6 +749,17 @@ void ast_tcptls_server_stop(struct ast_tcptls_session_args *desc)
 		close(desc->accept_fd);
 	}
 	desc->accept_fd = -1;
+
+	if (desc->old_tls_cfg) {
+		ast_free(desc->old_tls_cfg->certfile);
+		ast_free(desc->old_tls_cfg->pvtfile);
+		ast_free(desc->old_tls_cfg->cipher);
+		ast_free(desc->old_tls_cfg->cafile);
+		ast_free(desc->old_tls_cfg->capath);
+		ast_free(desc->old_tls_cfg);
+		desc->old_tls_cfg = NULL;
+	}
+
 	ast_debug(2, "Stopped server :: %s\n", desc->name);
 }