diff --git a/Network/Wai/Handler/WarpTLS.hs b/Network/Wai/Handler/WarpTLS.hs
--- a/Network/Wai/Handler/WarpTLS.hs
+++ b/Network/Wai/Handler/WarpTLS.hs
@@ -35,13 +35,13 @@
 
 runTLS :: TLSSettings -> Settings -> Application -> IO ()
 runTLS tset set app = do
-    cert    <- readCertificate $ certFile tset
+    certs   <- readCertificates $ certFile tset
     pk      <- readPrivateKey $ keyFile tset
     let params = TLS.defaultParams
             { TLS.pWantClientCert = False
             , TLS.pAllowedVersions = [TLS.SSL3,TLS.TLS10,TLS.TLS11,TLS.TLS12]
             , TLS.pCiphers         = ciphers
-            , TLS.pCertificates    = [(cert, Just pk)]
+            , TLS.pCertificates    = zip certs $ (Just pk):repeat Nothing
             }
     bracket
         (bindPort (settingsPort set) (settingsHost set))
@@ -100,12 +100,12 @@
     , TLSExtra.cipher_RC4_128_SHA1
     ]
 
-readCertificate :: FilePath -> IO X509.X509
-readCertificate filepath = do
+readCertificates :: FilePath -> IO [X509.X509]
+readCertificates filepath = do
     certs <- rights . parseCerts . PEM.pemParseBS <$> B.readFile filepath
     case certs of
-        []    -> error "no valid certificate found"
-        (x:_) -> return x
+        []-> error "no valid certificate found"
+        x -> return x
     where parseCerts (Right pems) = map (X509.decodeCertificate . L.fromChunks . (:[]) . PEM.pemContent)
                                   $ filter (flip elem ["CERTIFICATE", "TRUSTED CERTIFICATE"] . PEM.pemName) pems
           parseCerts (Left err) = error $ "cannot parse PEM file: " ++ err
diff --git a/warp-tls.cabal b/warp-tls.cabal
--- a/warp-tls.cabal
+++ b/warp-tls.cabal
@@ -1,5 +1,5 @@
 Name:                warp-tls
-Version:             1.3.1
+Version:             1.3.1.1
 Synopsis:            SSL support for Warp via the TLS package
 License:             MIT
 License-file:        LICENSE
@@ -19,7 +19,7 @@
                    , warp                          >= 1.3.2    && < 1.4
                    , transformers                  >= 0.2      && < 0.4
                    , conduit                       >= 0.5      && < 0.6
-                   , network-conduit               >= 0.5      && < 0.6
+                   , network-conduit               >= 0.5      && < 0.7
                    , certificate                   >= 1.2      && < 1.3
                    , pem                           >= 0.1      && < 0.2
                    , cryptocipher                  >= 0.3      && < 0.4
