diff --git a/CHANGELOG.md b/CHANGELOG.md
index f15442e..4d57c60 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Change log
+## 0.1.3
+### Added
+- Support for loading CA certificates for AD off of the file system or a web
+ server.
+
 ## 0.1.2
 ### Added
 - `objectGUID` attributes on objects are now converted to a human-readable
diff --git a/README.md b/README.md
index 1234d3b..78f0112 100644
--- a/README.md
+++ b/README.md
@@ -45,6 +45,9 @@ var config = {
 bindDn: "CN=LDAP User,OU=Users,OU=MyBusiness,DC=example,DC=com",
 bindCredentials: "mypassword",
 searchBase: "OU=Users,OU=MyBusiness,DC=example,DC=com"
+ tlsOptions: {
+ ca: "./example-ca.cer"
+ }
 }
 };
diff --git a/lib/adauth.js b/lib/adauth.js
index e744640..d516caf 100644
--- a/lib/adauth.js
+++ b/lib/adauth.js
@@ -19,7 +19,9 @@ var ldap = require('ldapjs');
 var debug = console.warn;
 var format = require('util').format;
 var bcrypt = require('bcryptjs');
-
+var validUrl = require('valid-url');
+var syncRequest = require('sync-request');
+var fs = require('fs');
 /**
 * Create an AD auth class. Primary usage is the `.authenticate` method.
@@ -135,6 +137,17 @@ function ADAuth(opts) {
 var Cache = require('./cache');
 this.userCache = new Cache(100, 300, this.log, 'user');
 }
+
+ if (opts.tlsOptions && opts.tlsOptions.ca && typeof (opts.tlsOptions.ca) === 'string') {
+ if (validUrl.isWebUri(opts.tlsOptions.ca)) {
+ var cert = syncRequest('GET', opts.tlsOptions.ca);
+ opts.tlsOptions.ca = cert.getBody();
+ } else {
+ try {
+ opts.tlsOptions.ca = fs.readFileSync(opts.tlsOptions.ca);
+ } catch (err) {}
+ }
+ }
 this.clientOpts = {
 url: opts.url,
diff --git a/package.json b/package.json
index c57d0dd..2eb5a51 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "adauth",
- "version": "0.1.2",
+ "version": "0.1.3",
 "main": "./lib/adauth.js",
 "description": "Authenticate against an Active Directory domain via LDAP",
 "author": "Vartan Simonian (https://github.com/vsimonian)",
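Review bot: The new `tlsOptions.ca` block in `ADAuth` (lib/adauth.js, second hunk) fetches the trust anchor from any URL that `validUrl.isWebUri` accepts, which includes plain `http://`, so anyone on the network path can substitute the CA that the directory connection is later verified against. The empty `catch (err) {}` around `fs.readFileSync` also leaves the path string in `opts.tlsOptions.ca` when the file is missing or unreadable; that looks intended to let inline PEM strings through, but it makes a mistyped path indistinguishable from a certificate and the failure surfaces far from its cause. I would require https in the URL case, skip strings that already carry a PEM header, and let read and fetch errors propagate out of the constructor, as in the excerpt below. Even over https a fetched CA is only as trustworthy as the server it comes from, and `syncRequest` blocks the event loop while the object is constructed; `ADAuth`'s body continues outside this hunk.

```javascript
  var ca = opts.tlsOptions && opts.tlsOptions.ca;
  // A string holding a PEM header is already certificate material; leave it untouched.
  if (typeof ca === 'string' && ca.indexOf('-----BEGIN') === -1) {
    if (validUrl.isWebUri(ca)) {
      // A CA fetched over plain http can be replaced in transit.
      if (!validUrl.isHttpsUri(ca)) {
        throw new Error('tlsOptions.ca URL must use https');
      }
      // getBody() throws on an error status; let that abort construction.
      opts.tlsOptions.ca = syncRequest('GET', ca).getBody();
    } else {
      // Let a missing or unreadable file fail here rather than at connect time.
      opts.tlsOptions.ca = fs.readFileSync(ca);
    }
  }
  // … unchanged: this.clientOpts = { … } …
```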
@@ -29,6 +29,8 @@
 "bcryptjs": "^2.1.0",
 "ldapjs": "mcavage/node-ldapjs",
 "long": "^2.2.3",
- "lru-cache": "^2.5.0"
+ "lru-cache": "^2.5.0",
+ "sync-request": "^2.0.1",
+ "valid-url": "^1.0.9"
 }
 }
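Review bot: The two runtime dependencies added here, `sync-request` and `valid-url`, are used in the visible hunks only for fetching `tlsOptions.ca` from a URL, so they enlarge the code an authentication library must trust for an optional convenience. The file-system case needs only the built-in `fs` module, so it is worth weighing whether callers who want a remote CA should fetch and check it themselves and pass the PEM in. If the URL path stays, both packages resolve through caret ranges, and a committed lockfile or shrinkwrap would keep the installed versions reviewable.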