diff --git a/src/Ldap/Client.hs b/src/Ldap/Client.hs
index 4786c41..2aa3d3e 100644
--- a/src/Ldap/Client.hs
+++ b/src/Ldap/Client.hs
@@ -162,6 +162,7 @@ with host port f = do
 case host of
 Plain h -> h
 Secure h -> h
+ SecureWithTLSSettings h _ -> h
 Insecure h -> h
 , Conn.connectionPort = port
 , Conn.connectionUseSecure =
@@ -172,6 +173,7 @@ with host port f = do
 , Conn.settingDisableSession = False
 , Conn.settingUseServerName = False
 }
+ SecureWithTLSSettings _ t -> Just t
 Insecure _ -> Just Conn.TLSSettingsSimple
 { Conn.settingDisableCertificateValidation = True
 , Conn.settingDisableSession = False
diff --git a/src/Ldap/Client/Internal.hs b/src/Ldap/Client/Internal.hs
index 15e3a91..be0a8d4 100644
--- a/src/Ldap/Client/Internal.hs
+++ b/src/Ldap/Client/Internal.hs
@@ -36,6 +36,7 @@ import Data.List.NonEmpty (NonEmpty)
 import Data.Text (Text)
 import Data.Typeable (Typeable)
 import Network (PortNumber)
+import Network.Connection (TLSSettings)
 import qualified Ldap.Asn1.Type as Type
@@ -46,7 +47,8 @@ data Host =
 | Insecure String -- ^ LDAP over TLS without the certificate validity check.
 -- Only use for testing!
 | Secure String -- ^ LDAP over TLS. Use!
- deriving (Show, Eq, Ord)
+ | SecureWithTLSSettings String TLSSettings -- ^ LDAP over TLS with the ability to specify detailed TLS settings
+ deriving (Show)
 -- | A token. All functions that interact with the Directory require one.
 data Ldap = Ldap
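Review bot: The new arm `SecureWithTLSSettings _ t -> Just t` in the second hunk of src/Ldap/Client.hs passes the caller's settings to the connection unchanged. A value built as `TLSSettingsSimple` with `settingDisableCertificateValidation = True` therefore behaves exactly like the `Insecure` arm below it, while carrying a name that starts with `Secure`. If that freedom is intended, say so at the arm with a comment such as `-- Settings are used as-is; certificate validation is whatever the caller configured.` and repeat the warning in the constructor's Haddock. The body of `with` starts and ends outside the hunk, so how `Conn.connectionUseSecure` treats the new constructor cannot be checked from here.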
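Review bot: Changing `deriving (Show, Eq, Ord)` to `deriving (Show)` in the `data Host` hunk of src/Ldap/Client/Internal.hs removes the `Eq` and `Ord` instances of an exported type. Any caller that compares hosts or keys a map or set on them will stop compiling. Presumably this is because `TLSSettings` offers neither instance, but nothing in the hunk records that; a line such as `-- No Eq/Ord: TLSSettings does not provide them.` above the deriving clause would. The Haddock on the new constructor should also state that certificate validation is only as strict as the supplied settings, the way the `Insecure` comment warns about testing use. The `data Host` declaration begins outside the hunk, so its earlier constructors are not visible here.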