diff --git a/minimal-examples/ws-client/minimal-ws-client-binance/main.c b/minimal-examples/ws-client/minimal-ws-client-binance/main.c
index 1639fcf78..842547960 100644
--- a/minimal-examples/ws-client/minimal-ws-client-binance/main.c
+++ b/minimal-examples/ws-client/minimal-ws-client-binance/main.c
@@ -42,6 +42,36 @@ static struct my_conn {
 static struct lws_context *context;
 static int interrupted;
 
+#if defined(LWS_WITH_MBEDTLS) || defined(USE_WOLFSSL)
+/*
+ * OpenSSL uses the system trust store.  mbedTLS / WolfSSL have to be told which
+ * CA to trust explicitly.
+ */
+static const char * const ca_pem_digicert_global_root =
+	"-----BEGIN CERTIFICATE-----\n"
+	"MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh\n"
+	"MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3\n"
+	"d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD\n"
+	"QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT\n"
+	"MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j\n"
+	"b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG\n"
+	"9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB\n"
+	"CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97\n"
+	"nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt\n"
+	"43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P\n"
+	"T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4\n"
+	"gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO\n"
+	"BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR\n"
+	"TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw\n"
+	"DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr\n"
+	"hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg\n"
+	"06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF\n"
+	"PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls\n"
+	"YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk\n"
+	"CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=\n"
+	"-----END CERTIFICATE-----\n";
+#endif
+
 /*
  * The retry and backoff policy we want to use for our client connections
  */
@@ -321,6 +351,15 @@ int main(int argc, const char **argv)
 	info.fd_limit_per_thread = 1 + 1 + 1;
 	info.extensions = extensions;
 
+#if defined(LWS_WITH_MBEDTLS) || defined(USE_WOLFSSL)
+	/*
+	 * OpenSSL uses the system trust store.  mbedTLS / WolfSSL have to be
+	 * told which CA to trust explicitly.
+	 */
+	info.client_ssl_ca_mem = ca_pem_digicert_global_root;
+	info.client_ssl_ca_mem_len = strlen(ca_pem_digicert_global_root);
+#endif
+
 	context = lws_create_context(&info);
 	if (!context) {
 		lwsl_err("lws init failed\n");