diff --git a/CHANGELOG b/CHANGELOG
index 1a4d99e55..c625bbf4a 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -1,5 +1,7 @@
 # Nmap Changelog ($Id$); -*-text-*-
 
+o [NSE] Added XMPP support to ssl-cert.nse.
+
 o [NSE] Added http-cors by Toni Ruottu.
 
 o [NSE] Added ganglia-info by Brendan Coles.
diff --git a/nselib/xmpp.lua b/nselib/xmpp.lua
index 85cae82b6..47c06f082 100644
--- a/nselib/xmpp.lua
+++ b/nselib/xmpp.lua
@@ -110,6 +110,7 @@ XMPP = {
 	-- 			<code>timeout</code> - sets the socket timeout
 	--			<code>servername</code> - sets the server name to use in
 	--										communication with the server.
+	--			<code>starttls</code> - start TLS handshake even if it is optional.
 	new = function(self, host, port, options)
 		local o = { host = host,
 					port = port,
@@ -206,13 +207,14 @@ XMPP = {
 			return false, "ERROR: Only version 1.0 is supported"
 		end
 		
-		if ( start_tls == "required" ) then
+		if ( start_tls == "required" or self.options.starttls) then
 			status, err = self:send("<starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/>")
 			if ( not(status) ) then return false, "ERROR: Failed to initiate STARTTLS" end
 			local status, tag = self:receive_tag()
 			if ( not(status) ) then return false, "ERROR: Failed to recevice from server" end
 			if ( tag.name == "proceed" ) then
 				status, err = self.socket:reconnect_ssl()
+				self.options.starttls = false
 				return self:connect()
 			end
 		end
diff --git a/scripts/ssl-cert.nse b/scripts/ssl-cert.nse
index bf061cbec..c3e1a09be 100644
--- a/scripts/ssl-cert.nse
+++ b/scripts/ssl-cert.nse
@@ -68,6 +68,7 @@ require("nmap")
 require("nsedebug")
 require("shortport")
 require("stdnse")
+require("xmpp")
 
 local stringify_name
 local date_to_string
@@ -138,8 +139,29 @@ function smtp_starttls(host, port)
     return "Connected"
 end 
 
+function xmpp_starttls(host, port)
+    local ls = xmpp.XMPP:new(host, port, { starttls = true } )
+    ls.socket = s
+    ls.socket:set_timeout(ls.options.timeout * 1000)
+
+    local status, err = ls.socket:connect(host, port)
+    if not status then
+        return nil
+    end
+
+    status, err = ls:connect()
+    if status then
+        return "Connected"
+    end
+end
+
 -- A table mapping port numbers to specialized SSL negotiation functions.
-local SPECIALIZED_FUNCS = { [25] = smtp_starttls, [587] = smtp_starttls }
+local SPECIALIZED_FUNCS = {
+    [25] = smtp_starttls,
+    [587] = smtp_starttls,
+    [5222] = xmpp_starttls,
+    [5269] = xmpp_starttls
+}
 
 portrule = function(host, port)
     return shortport.ssl(host, port) or SPECIALIZED_FUNCS[port.number]