diff --git a/lib/base/tlsutility.cpp b/lib/base/tlsutility.cpp
index 40f7b57da..1357ed617 100644
--- a/lib/base/tlsutility.cpp
+++ b/lib/base/tlsutility.cpp
@@ -258,6 +258,49 @@ int ResolveTlsProtocolVersion(const std::string& version) {
 	}
 }
 
+Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String keyPath,
+	String caPath, String crlPath, String cipherList, String protocolmin, DebugInfo di)
+{
+	namespace ssl = boost::asio::ssl;
+
+	Shared<ssl::context>::Ptr context;
+
+	try {
+		context = MakeAsioSslContext(certPath, keyPath, caPath);
+	} catch (const std::exception&) {
+		BOOST_THROW_EXCEPTION(ScriptError("Cannot make SSL context for cert path: '"
+			+ certPath + "' key path: '" + keyPath + "' ca path: '" + caPath + "'.", di));
+	}
+
+	if (!crlPath.IsEmpty()) {
+		try {
+			AddCRLToSSLContext(context, crlPath);
+		} catch (const std::exception&) {
+			BOOST_THROW_EXCEPTION(ScriptError("Cannot add certificate revocation list to SSL context for crl path: '"
+				+ crlPath + "'.", di));
+		}
+	}
+
+	if (!cipherList.IsEmpty()) {
+		try {
+			SetCipherListToSSLContext(context, cipherList);
+		} catch (const std::exception&) {
+			BOOST_THROW_EXCEPTION(ScriptError("Cannot set cipher list to SSL context for cipher list: '"
+				+ cipherList + "'.", di));
+		}
+	}
+
+	if (!protocolmin.IsEmpty()){
+		try {
+			SetTlsProtocolminToSSLContext(context, protocolmin);
+		} catch (const std::exception&) {
+			BOOST_THROW_EXCEPTION(ScriptError("Cannot set minimum TLS protocol version to SSL context with tls_protocolmin: '" + protocolmin + "'.", di));
+		}
+	}
+
+	return std::move(context);
+}
+
 /**
  * Set the minimum TLS protocol version to the specified SSL context.
  *
diff --git a/lib/base/tlsutility.hpp b/lib/base/tlsutility.hpp
index 2493ff279..ce50fb427 100644
--- a/lib/base/tlsutility.hpp
+++ b/lib/base/tlsutility.hpp
@@ -4,6 +4,7 @@
 #define TLSUTILITY_H
 
 #include "base/i2-base.hpp"
+#include "base/debuginfo.hpp"
 #include "base/object.hpp"
 #include "base/shared.hpp"
 #include "base/array.hpp"
@@ -35,6 +36,9 @@ void SetCipherListToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& con
 void SetTlsProtocolminToSSLContext(const Shared<boost::asio::ssl::context>::Ptr& context, const String& tlsProtocolmin);
 int ResolveTlsProtocolVersion(const std::string& version);
 
+Shared<boost::asio::ssl::context>::Ptr SetupSslContext(String certPath, String keyPath,
+	String caPath, String crlPath, String cipherList, String protocolmin, DebugInfo di);
+
 String GetCertificateCN(const std::shared_ptr<X509>& certificate);
 std::shared_ptr<X509> GetX509Certificate(const String& pemfile);
 int MakeX509CSR(const String& cn, const String& keyfile, const String& csrfile = String(), const String& certfile = String(), bool ca = false);
diff --git a/lib/remote/apilistener.cpp b/lib/remote/apilistener.cpp
index fcf902cfa..45dc69131 100644
--- a/lib/remote/apilistener.cpp
+++ b/lib/remote/apilistener.cpp
@@ -181,44 +181,7 @@ void ApiListener::OnConfigLoaded()
 
 void ApiListener::UpdateSSLContext()
 {
-	namespace ssl = boost::asio::ssl;
-
-	Shared<ssl::context>::Ptr context;
-
-	try {
-		context = MakeAsioSslContext(GetDefaultCertPath(), GetDefaultKeyPath(), GetDefaultCaPath());
-	} catch (const std::exception&) {
-		BOOST_THROW_EXCEPTION(ScriptError("Cannot make SSL context for cert path: '"
-			+ GetDefaultCertPath() + "' key path: '" + GetDefaultKeyPath() + "' ca path: '" + GetDefaultCaPath() + "'.", GetDebugInfo()));
-	}
-
-	if (!GetCrlPath().IsEmpty()) {
-		try {
-			AddCRLToSSLContext(context, GetCrlPath());
-		} catch (const std::exception&) {
-			BOOST_THROW_EXCEPTION(ScriptError("Cannot add certificate revocation list to SSL context for crl path: '"
-				+ GetCrlPath() + "'.", GetDebugInfo()));
-		}
-	}
-
-	if (!GetCipherList().IsEmpty()) {
-		try {
-			SetCipherListToSSLContext(context, GetCipherList());
-		} catch (const std::exception&) {
-			BOOST_THROW_EXCEPTION(ScriptError("Cannot set cipher list to SSL context for cipher list: '"
-				+ GetCipherList() + "'.", GetDebugInfo()));
-		}
-	}
-
-	if (!GetTlsProtocolmin().IsEmpty()){
-		try {
-			SetTlsProtocolminToSSLContext(context, GetTlsProtocolmin());
-		} catch (const std::exception&) {
-			BOOST_THROW_EXCEPTION(ScriptError("Cannot set minimum TLS protocol version to SSL context with tls_protocolmin: '" + GetTlsProtocolmin() + "'.", GetDebugInfo()));
-		}
-	}
-
-	m_SSLContext = context;
+	m_SSLContext = SetupSslContext(GetDefaultCertPath(), GetDefaultKeyPath(), GetDefaultCaPath(), GetCrlPath(), GetCipherList(), GetTlsProtocolmin(), GetDebugInfo());
 
 	for (const Endpoint::Ptr& endpoint : ConfigType::GetObjectsByType<Endpoint>()) {
 		for (const JsonRpcConnection::Ptr& client : endpoint->GetClients()) {