diff --git a/lib/app.js b/lib/app.js
index ef7e7c86..f84fb102 100755
--- a/lib/app.js
+++ b/lib/app.js
@@ -51,20 +51,41 @@ app.use(express.session());
 config.load(function(err, conf) {
 if (err) { console.log(err); process.exit(1); }
- atm.init(app, conf.config);
- if (argv.https) {
- var testkeys = path.join(__dirname, '..', 'testkeys');
- var privateKey = fs.readFileSync(path.join(testkeys, 'privatekey.pem'));
- var certificate = fs.readFileSync(path.join(testkeys, 'certificate.pem'));
- var credentials = {key: privateKey, cert: certificate};
- https.createServer(credentials, app).listen(port, function () {
- console.log('Express server listening on port ' + port + ' (https)');
- });
- }
- else {
+ var authMiddleware = function (req, res, next) { return next(); };
+
+ if (argv.http) {
 http.createServer(app).listen(port, function () {
 console.log('Express server listening on port ' + port + ' (http)');
 });
 }
+ else {
+ authMiddleware = function(req, res, next) {
+ var fingerprint = req.connection.getPeerCertificate().fingerprint;
+ var e = new Error('Unauthorized');
+ e.status = 401;
+
+ config.isAuthorized(fingerprint, function (err, authorized) {
+ if (err) { return next(e); }
+ if (!authorized) { return next(e); }
+ next();
+ });
+ };
+
+ var options = {
+ key: fs.readFileSync(argv.key),
+ cert: fs.readFileSync(argv.cert),
+ requestCert: true,
+ secureProtocol: 'TLSv1_method',
+ ciphers: 'AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH',
+ honorCipherOrder: true
+ };
+
+ https.createServer(options, app).listen(port, function () {
+ console.log('Express server listening on port ' + port + ' (https)');
+ });
+ }
+
+ atm.init(app, conf.config, config, authMiddleware);
+
 });
diff --git a/package.json b/package.json
index c2c47740..27c7a5bd 100644
--- a/package.json
+++ b/package.json
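Review bot: The `options` object in lib/app.js pins the listener to TLS 1.0 with `secureProtocol: 'TLSv1_method'`, and under TLS 1.0 the first entry of the cipher list, `AES128-GCM-SHA256`, cannot be negotiated because it is a TLS 1.2 suite, so with `honorCipherOrder: true` the server ends up preferring `RC4`, which RFC 7465 prohibits. I would raise the protocol floor and drop RC4, for example `secureProtocol: 'TLSv1_2_method'` and `ciphers: 'AES128-GCM-SHA256:HIGH:!RC4:!MD5:!aNULL:!EDH'`, provided the Node/OpenSSL build in use and the deployed clients support TLS 1.2. Separately, in `authMiddleware` a client that presents no certificate yields an undefined `fingerprint` (or, depending on the Node version, a throw on a null certificate object) that is handed straight to `config.isAuthorized`; an early `if (!fingerprint) { return next(e); }` after a null-safe read would keep the decision from depending on how that lookup treats a missing key. Whether `atm.init` applies `authMiddleware` to every route is not visible here, and with `--http` the pass-through middleware stays in place, so that mode serves without TLS or client authentication and deserves a comment saying so.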
@@ -15,8 +15,7 @@
 "express": "~3.4.7",
 "optimist": "~0.6.0",
 "lamassu-config": "~0.1.1",
- "lamassu-atm-protocol": "~0.1.0",
- "client-certificate-auth": "git+https://github.com/mmalecki/client-certificate-auth.git#async-authorization"
+ "lamassu-atm-protocol": "~0.1.0"
 },
 "repository": {
 "type": "git",