diff --git a/include/re_tls.h b/include/re_tls.h
index af77c78..8a9ec1c 100644
--- a/include/re_tls.h
+++ b/include/re_tls.h
@@ -42,6 +42,7 @@ int tls_peer_verify(const struct tls_conn *tc);
 int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite,
 		     uint8_t *cli_key, size_t cli_key_size,
 		     uint8_t *srv_key, size_t srv_key_size);
+const char *tls_cipher_name(const struct tls_conn *tc);
 
 
 /* TCP */
diff --git a/src/tls/openssl/tls.c b/src/tls/openssl/tls.c
index 71414f7..32b6323 100644
--- a/src/tls/openssl/tls.c
+++ b/src/tls/openssl/tls.c
@@ -644,3 +644,19 @@ int tls_srtp_keyinfo(const struct tls_conn *tc, enum srtp_suite *suite,
 	return ENOSYS;
 #endif
 }
+
+
+/**
+ * Get cipher name of a TLS connection
+ *
+ * @param tc TLS Connection
+ *
+ * @return name of cipher actually used or NULL, if session is not established.
+ */
+const char *tls_cipher_name(const struct tls_conn *tc)
+{
+	if (!tc)
+		return NULL;
+
+	return SSL_get_cipher_name(tc->ssl);
+}