diff --git a/redis/client.py b/redis/client.py
old mode 100644
new mode 100755
index 52858203bf..527e9bd266
--- a/redis/client.py
+++ b/redis/client.py
@@ -18,6 +18,14 @@
     ExecAbortError,
 )
 
+try:
+    import ssl
+    ssl_available = True
+    ssl_cert_reqs = ssl.CERT_NONE
+except ImportError:
+    ssl_available = False
+    ssl_cert_reqs = 0
+
 SYM_EMPTY = b('')
 
 
@@ -345,8 +353,12 @@ def from_url(cls, url, db=None, **kwargs):
         """
         url = urlparse(url)
 
-        # We only support redis:// schemes.
-        assert url.scheme == 'redis' or not url.scheme
+        # We only support redis:// and resiss:// schemes.
+        assert url.scheme == 'redis' or \
+            url.scheme == 'rediss' or \
+            not url.scheme
+        if url.scheme == 'rediss':
+            kwargs['use_ssl'] = True
 
         # Extract the database ID from the path component if hasn't been given.
         if db is None:
@@ -362,11 +374,18 @@ def __init__(self, host='localhost', port=6379,
                  db=0, password=None, socket_timeout=None,
                  connection_pool=None, charset='utf-8',
                  errors='strict', decode_responses=False,
-                 unix_socket_path=None):
+                 unix_socket_path=None,
+                 use_ssl=False, keyfile=None, certfile=None,
+                 cert_reqs=ssl_cert_reqs, ca_certs=None):
         if not connection_pool:
             kwargs = {
                 'db': db,
                 'password': password,
+                'keyfile': keyfile,
+                'use_ssl': use_ssl,
+                'certfile': certfile,
+                'ca_certs': ca_certs,
+                'cert_reqs': cert_reqs,
                 'socket_timeout': socket_timeout,
                 'encoding': charset,
                 'encoding_errors': errors,
diff --git a/redis/connection.py b/redis/connection.py
old mode 100644
new mode 100755
index 8a064b39a7..fc3762ff62
--- a/redis/connection.py
+++ b/redis/connection.py
@@ -5,6 +5,13 @@
 import sys
 import threading
 
+try:
+    import ssl
+    ssl_available = True
+    ssl_cert_reqs = ssl.CERT_NONE
+except ImportError:
+    ssl_available = False
+    ssl_cert_reqs = 0
 
 from redis._compat import (b, xrange, imap, byte_to_chr, unicode, bytes, long,
                            BytesIO, nativestr, basestring,
@@ -220,12 +227,19 @@ class Connection(object):
     def __init__(self, host='localhost', port=6379, db=0, password=None,
                  socket_timeout=None, encoding='utf-8',
                  encoding_errors='strict', decode_responses=False,
-                 parser_class=DefaultParser):
+                 parser_class=DefaultParser,
+                 use_ssl=False, keyfile=None, certfile=None,
+                 cert_reqs=ssl_cert_reqs, ca_certs=None):
         self.pid = os.getpid()
         self.host = host
         self.port = port
         self.db = db
         self.password = password
+        self.use_ssl = use_ssl
+        self.keyfile = keyfile
+        self.certfile = certfile
+        self.ca_certs = ca_certs
+        self.cert_reqs = cert_reqs
         self.socket_timeout = socket_timeout
         self.encoding = encoding
         self.encoding_errors = encoding_errors
@@ -275,6 +289,13 @@ def _connect(self):
             sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
             sock.settimeout(self.socket_timeout)
             sock.connect((self.host, self.port))
+
+        if ssl_available and self.use_ssl:
+            sock = ssl.wrap_socket(sock,
+                                   cert_reqs=self.cert_reqs,
+                                   keyfile=self.keyfile,
+                                   certfile=self.certfile,
+                                   ca_certs=self.ca_certs, )
         return sock
 
     def _error_message(self, exception):