diff --git a/Cargo.toml b/Cargo.toml
index 4eada40..1d88be4 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -20,7 +20,7 @@ gio-runtime = ["gio", "glib"]
 async-tls = ["real-async-tls"]
 async-native-tls = ["async-std-runtime", "real-async-native-tls"]
 tokio-native-tls = ["tokio-runtime", "real-tokio-native-tls", "real-native-tls", "tungstenite/tls"]
-tokio-rustls = ["tokio-runtime", "real-tokio-rustls"]
+tokio-rustls = ["tokio-runtime", "real-tokio-rustls", "webpki-roots"]
 tokio-openssl = ["tokio-runtime", "real-tokio-openssl", "openssl"]
 
 [package.metadata.docs.rs]
@@ -79,6 +79,10 @@ optional = true
 version = "^0.14"
 package = "tokio-rustls"
 
+[dependencies.webpki-roots]
+optional = true
+version = "0.20"
+
 [dependencies.gio]
 optional = true
 version = "0.9"
diff --git a/src/tokio.rs b/src/tokio.rs
index 8116368..4b2a2a4 100644
--- a/src/tokio.rs
+++ b/src/tokio.rs
@@ -50,7 +50,10 @@ pub(crate) mod tokio_tls {
                     let connector = if let Some(connector) = connector {
                         connector
                     } else {
-                        let config = ClientConfig::new();
+                        let mut config = ClientConfig::new();
+                        config
+                            .root_store
+                            .add_server_trust_anchors(&webpki_roots::TLS_SERVER_ROOTS);
                         AsyncTlsConnector::from(std::sync::Arc::new(config))
                     };
                     let domain = DNSNameRef::try_from_ascii_str(&domain)