Index: src/vortex_tls.c
===================================================================
--- src/vortex_tls.c	(revision 3316)
+++ src/vortex_tls.c	(working copy)
@@ -1420,8 +1420,6 @@
 {
 	/* get current context */
 	VortexCtx * ctx = vortex_ctx_get ();
-	char      * certificate_file;
-	char      * private_key_file;
 
 	/* flag this connection to be already TLS-ficated */
 	if (vortex_connection_is_tlsficated (connection)) {
@@ -1447,6 +1445,10 @@
 		return true;
 	}
 
+	if( ctx->tls_default_ctx_creation==NULL && vortex_connection_get_data (connection, CTX_CREATION)==NULL ) {
+		char      * certificate_file;
+		char      * private_key_file;
+
 	vortex_log (LOG_DOMAIN, VORTEX_LEVEL_DEBUG, "application level seems to accept negotiate the TLS profile, getting certificate");
 
 	/* get TLS certificate file */
@@ -1473,6 +1475,11 @@
 		return true;
 	}
 
+		/* store certificate and private key files */
+		vortex_connection_set_data_full    (connection, "tls:certificate-file", certificate_file, NULL, axl_free);
+		vortex_connection_set_data_full    (connection, "tls:private-file",     private_key_file, NULL, axl_free);
+	}
+
 	/* set the reply to for the TLS channel negotiation. Memory
 	 * holding profile content reply should be dynamically
 	 * allocated because vortex library will deallocate it. */
@@ -1486,11 +1493,7 @@
 	 * if the channel 0 is closed on the given connection. */
 	vortex_connection_set_close_socket (connection, false);
 
-	/* 2) store certificate and private key files */
-	vortex_connection_set_data_full    (connection, "tls:certificate-file", certificate_file, NULL, axl_free);
-	vortex_connection_set_data_full    (connection, "tls:private-file",     private_key_file, NULL, axl_free);
-
-	/* 3) now prepare the connection to accept the incoming
+	/* 2) now prepare the connection to accept the incoming
 	   negotiation by using the pre read handler */
 	vortex_connection_set_preread_handler (connection, vortex_tls_prepare_listener);