diff --git a/ports/esp32/boards/sdkconfig.base b/ports/esp32/boards/sdkconfig.base
index 2a7c9a1c5b..bfc8c6610e 100644
--- a/ports/esp32/boards/sdkconfig.base
+++ b/ports/esp32/boards/sdkconfig.base
@@ -59,6 +59,9 @@ CONFIG_LWIP_PPP_CHAP_SUPPORT=y
 # SSL
 # Use 4kiB output buffer instead of default 16kiB
 CONFIG_MBEDTLS_ASYMMETRIC_CONTENT_LEN=y
+CONFIG_MBEDTLS_HAVE_TIME_DATE=y
+CONFIG_MBEDTLS_PLATFORM_TIME_ALT=y
+CONFIG_MBEDTLS_HAVE_TIME=y
 
 # Disable ALPN support as it's not implemented in MicroPython
 CONFIG_MBEDTLS_SSL_ALPN=n
diff --git a/ports/esp32/main.c b/ports/esp32/main.c
index 044b43655c..8e5675c941 100644
--- a/ports/esp32/main.c
+++ b/ports/esp32/main.c
@@ -29,6 +29,8 @@
 #include <stdio.h>
 #include <string.h>
 #include <stdarg.h>
+#include <sys/time.h>
+#include <time.h>
 
 #include "freertos/FreeRTOS.h"
 #include "freertos/task.h"
@@ -49,6 +51,9 @@
 #include "py/mphal.h"
 #include "shared/readline/readline.h"
 #include "shared/runtime/pyexec.h"
+#include "shared/timeutils/timeutils.h"
+#include "mbedtls/platform_time.h"
+
 #include "uart.h"
 #include "usb.h"
 #include "usb_serial_jtag.h"
@@ -83,6 +88,15 @@ int vprintf_null(const char *format, va_list ap) {
     return 0;
 }
 
+time_t platform_mbedtls_time(time_t *timer) {
+    // mbedtls_time requires time in seconds from EPOCH 1970
+
+    struct timeval tv;
+    gettimeofday(&tv, NULL);
+
+    return tv.tv_sec + TIMEUTILS_SECONDS_1970_TO_2000;
+}
+
 void mp_task(void *pvParameter) {
     volatile uint32_t sp = (uint32_t)esp_cpu_get_sp();
     #if MICROPY_PY_THREAD
@@ -98,6 +112,9 @@ void mp_task(void *pvParameter) {
     #endif
     machine_init();
 
+    // Configure time function, for mbedtls certificate time validation.
+    mbedtls_platform_set_time(platform_mbedtls_time);
+
     esp_err_t err = esp_event_loop_create_default();
     if (err != ESP_OK) {
         ESP_LOGE("esp_init", "can't create event loop: 0x%x\n", err);