diff --git a/src/main/java/org/htmlunit/WebClientOptions.java b/src/main/java/org/htmlunit/WebClientOptions.java
index 772907227c..ac34440f7e 100644
--- a/src/main/java/org/htmlunit/WebClientOptions.java
+++ b/src/main/java/org/htmlunit/WebClientOptions.java
@@ -27,6 +27,8 @@
 
 import org.apache.commons.io.FileUtils;
 
+import javax.net.ssl.SSLContext;
+
 /**
  * Represents options of a {@link WebClient}.
  *
@@ -65,6 +67,7 @@ public class WebClientOptions implements Serializable {
 
     private boolean useInsecureSSL_; // default is secure SSL
     private String sslInsecureProtocol_;
+    private SSLContext sslContext_;
 
     private boolean fileProtocolForXMLHttpRequestsAllowed_;
 
@@ -515,6 +518,23 @@ public String getSSLInsecureProtocol() {
         return sslInsecureProtocol_;
     }
 
+    /**
+     * Sets the SSL Context, used only when {@link #setUseInsecureSSL(boolean)} is set to {@code true}.
+     * @param sslContext the SSL Context for insecure SSL connections,
+     *      {@code null} to use for default value
+     */
+    public void setSSLContext(final SSLContext sslContext) {
+        sslContext_ = sslContext;
+    }
+
+    /**
+     * Gets the SSL Context, to be used only when {@link #setUseInsecureSSL(boolean)} is set to {@code true}.
+     * @return the SSL Context for insecure SSL connections
+     */
+    public SSLContext getSSLContext() {
+        return sslContext_;
+    }
+
     /**
      * Sets the SSL server certificate trust store. All server certificates will be validated against
      * this trust store.
diff --git a/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java b/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
index 48441960bb..2604b16003 100644
--- a/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
+++ b/src/main/java/org/htmlunit/httpclient/HtmlUnitSSLConnectionSocketFactory.java
@@ -100,13 +100,18 @@ public static SSLConnectionSocketFactory buildSSLSocketFactory(final WebClientOp
                         sslClientProtocols, sslClientCipherSuites);
             }
 
-            // we need insecure SSL + SOCKS awareness
-            String protocol = options.getSSLInsecureProtocol();
-            if (protocol == null) {
-                protocol = "SSL";
+            SSLContext sslContext = options.getSSLContext();
+            if (sslContext == null) {
+                // we need insecure SSL + SOCKS awareness
+                String protocol = options.getSSLInsecureProtocol();
+                if (protocol == null) {
+                    protocol = "SSL";
+                }
+
+                sslContext = SSLContext.getInstance(protocol);
+                sslContext.init(getKeyManagers(options),
+                        new X509ExtendedTrustManager[]{new InsecureTrustManager()}, null);
             }
-            final SSLContext sslContext = SSLContext.getInstance(protocol);
-            sslContext.init(getKeyManagers(options), new X509ExtendedTrustManager[] {new InsecureTrustManager()}, null);
 
             return new HtmlUnitSSLConnectionSocketFactory(sslContext, NoopHostnameVerifier.INSTANCE,
                                             useInsecureSSL, sslClientProtocols, sslClientCipherSuites);