diff --git a/include/proto/ssl_sock.h b/include/proto/ssl_sock.h
index d02939486..0751f70a0 100644
--- a/include/proto/ssl_sock.h
+++ b/include/proto/ssl_sock.h
@@ -109,6 +109,8 @@ void ssl_async_fd_free(int fd);
  */
 int ssl_sock_register_msg_callback(ssl_sock_msg_callback_func func);
 
+SSL *ssl_sock_get_ssl_object(struct connection *conn);
+
 #endif /* USE_OPENSSL */
 #endif /* _PROTO_SSL_SOCK_H */
 
diff --git a/src/ssl_sock.c b/src/ssl_sock.c
index 232b10b55..95bf9c27a 100644
--- a/src/ssl_sock.c
+++ b/src/ssl_sock.c
@@ -695,6 +695,14 @@ static void ssl_sock_unregister_msg_callbacks(void)
 	}
 }
 
+SSL *ssl_sock_get_ssl_object(struct connection *conn)
+{
+	if (!ssl_sock_is_ssl(conn))
+		return NULL;
+
+	return ((struct ssl_sock_ctx *)(conn->xprt_ctx))->ssl;
+}
+
 /*
  * This function gives the detail of the SSL error. It is used only
  * if the debug mode and the verbose mode are activated. It dump all