diff --git a/transports/websocket/Cargo.toml b/transports/websocket/Cargo.toml
index 463c6264..135b46d1 100644
--- a/transports/websocket/Cargo.toml
+++ b/transports/websocket/Cargo.toml
@@ -10,16 +10,18 @@ keywords = ["peer-to-peer", "libp2p", "networking"]
 categories = ["network-programming", "asynchronous"]
 
 [dependencies]
+async-tls = "0.5"
 bytes = "0.4.12"
 either = "1.5.3"
 futures-preview = "0.3.0-alpha.18"
-#futures-rustls = "0.12.0-alpha"        # TODO: https://github.com/quininer/tokio-rustls/issues/51
 libp2p-core = { version = "0.13.0", path = "../../core" }
 log = "0.4.8"
+rustls = "0.16"
 rw-stream-sink = { version = "0.1.1", path = "../../misc/rw-stream-sink" }
 soketto = { git = "https://github.com/paritytech/soketto.git", branch = "develop", features = ["deflate"] }
-url = "2.1.0"
-webpki-roots = "0.18.0"
+url = "2.1"
+webpki = "0.21"
+webpki-roots = "0.18"
 
 [dev-dependencies]
 libp2p-tcp = { version = "0.13.0", path = "../tcp" }
diff --git a/transports/websocket/src/framed.rs b/transports/websocket/src/framed.rs
index 31c02b1d..06d589e7 100644
--- a/transports/websocket/src/framed.rs
+++ b/transports/websocket/src/framed.rs
@@ -18,11 +18,11 @@
 // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 // DEALINGS IN THE SOFTWARE.
 
+use async_tls::{client, server};
 use bytes::BytesMut;
 use crate::{error::Error, tls};
 use either::Either;
 use futures::{prelude::*, ready};
-use futures_rustls::{client, server, webpki};
 use libp2p_core::{
     Transport,
     either::EitherOutput,
@@ -301,7 +301,12 @@ where
             if use_tls { // begin TLS session
                 let dns_name = dns_name.expect("for use_tls we have checked that dns_name is some");
                 trace!("starting TLS handshake with {}", address);
-                let stream = self.tls_config.client.connect(dns_name.as_ref(), stream)
+                let stream = self.tls_config.client.connect(&dns_name, stream)
+                    .map_err(|e| {
+                        // We should never enter here as we passed a `DNSNameRef` to `connect`.
+                        debug!("invalid domain name: {:?}", dns_name);
+                        Error::Tls(e.into())
+                    })?
                     .map_err(|e| {
                         debug!("TLS handshake with {} failed: {}", address, e);
                         Error::Tls(tls::Error::from(e))
diff --git a/transports/websocket/src/tls.rs b/transports/websocket/src/tls.rs
index d526176a..18dfb8bc 100644
--- a/transports/websocket/src/tls.rs
+++ b/transports/websocket/src/tls.rs
@@ -18,13 +18,8 @@
 // FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
 // DEALINGS IN THE SOFTWARE.
 
+use async_tls::{TlsConnector, TlsAcceptor};
 use std::{fmt, io, sync::Arc};
-use futures_rustls::{
-    TlsConnector,
-    TlsAcceptor,
-    rustls,
-    webpki
-};
 
 /// TLS configuration.
 #[derive(Clone)]