diff --git a/entrypoint.sh b/entrypoint.sh
index 423d9f9..bbb326b 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -63,6 +63,15 @@ elif [ "$SMARTHOST_ADDRESS" ] ; then
 			echo "${alias}:$SMARTHOST_USER:$SMARTHOST_PASSWORD" >> /etc/exim4/passwd.client
 		done
 	fi
+	if [ "$KEY_PATH" -a "$CERTIFICATE_PATH" ]; then
+		echo "MAIN_TLS_ENABLE == 1" >>  /etc/exim4/exim4.conf.localmacros
+		echo "REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS = *" >>  /etc/exim4/exim4.conf.localmacros
+		echo "TLS_ON_CONNECT_PORTS = 25" >>  /etc/exim4/exim4.conf.localmacros
+		echo "REQUIRE_PROTOCOL = smtps" >>  /etc/exim4/exim4.conf.localmacros
+
+		sed -i "/.ifdef[[:space:]]MAIN_TLS_ENABLE/a \  .ifdef TLS_ON_CONNECT_PORTS\n      tls_on_connect_ports = TLS_ON_CONNECT_PORTS\n  .endif" /etc/exim4/exim4.conf.template
+		perl -0777 -i -pe 's/(.ifdef REMOTE_SMTP_SMARTHOST_HOSTS_REQUIRE_TLS[\S\s]+?.endif)/$1\n.ifdef REQUIRE_PROTOCOL\n    protocol = REQUIRE_PROTOCOL\n.endif/' /etc/exim4/exim4.conf.template
+	fi
 elif [ "$RELAY_DOMAINS" ]; then
 	opts+=(
 		dc_relay_domains "${RELAY_DOMAINS}"
diff --git a/example/sendemail_with_certs.js b/example/sendemail_with_certs.js
new file mode 100644
index 0000000..18a3ce2
--- /dev/null
+++ b/example/sendemail_with_certs.js
@@ -0,0 +1,41 @@
+// your smtp server is running in localhost port 25
+const nodemailer = require("nodemailer");
+const tls = require("tls");
+const fs = require("fs");
+
+const cert = fs.readFileSync("path to certs(pem)");
+const key = fs.readFileSync("path to key(pem)");
+
+const secured = {
+  host: "127.0.0.1",
+  port: 25,
+  secure: true,
+  tls: {
+    rejectUnauthorized: false,
+    secureContext: tls.createSecureContext({
+      cert,
+      key,
+    }),
+  },
+};
+
+function sendEmailWithTLS() {
+  const transporter = nodemailer.createTransport(secured);
+
+  const mailOptions = {
+    from: "your@example.com",
+    to: "to@example.com",
+    subject: "Sending Email with CERTS",
+    text: "Send email with certs",
+  };
+
+  transporter.sendMail(mailOptions, function (error, info) {
+    if (error) {
+      console.log(error);
+    } else {
+      console.log("Email sent: " + info.response);
+    }
+  });
+}
+
+sendEmailWithTLS();
diff --git a/example/sendemail_without_cert.js b/example/sendemail_without_cert.js
new file mode 100644
index 0000000..19366a1
--- /dev/null
+++ b/example/sendemail_without_cert.js
@@ -0,0 +1,37 @@
+// your smtp server is running in localhost port 25
+const nodemailer = require("nodemailer");
+const tls = require("tls");
+const fs = require("fs");
+
+const cert = fs.readFileSync("path to certs(pem)");
+const key = fs.readFileSync("path to key(pem)");
+
+const unsecured = {
+  host: "127.0.0.1",
+  port: 25,
+  secure: false,
+  tls: {
+    rejectUnauthorized: false,
+  },
+};
+
+function sendEmailWithoutTLS() {
+  const transporter = nodemailer.createTransport(unsecured);
+
+  const mailOptions = {
+    from: "your@example.com",
+    to: "to@example.com",
+    subject: "Sending Email with CERTS",
+    text: "Send email with certs",
+  };
+
+  transporter.sendMail(mailOptions, function (error, info) {
+    if (error) {
+      console.log(error);
+    } else {
+      console.log("Email sent: " + info.response);
+    }
+  });
+}
+
+sendEmailWithoutTLS();