diff --git a/mygeotab/api.py b/mygeotab/api.py
index bece3ab..d16b88d 100644
--- a/mygeotab/api.py
+++ b/mygeotab/api.py
@@ -18,6 +18,7 @@
 from requests.adapters import HTTPAdapter
 from requests.exceptions import Timeout
 from requests.packages import urllib3
+from requests.packages.urllib3.util.ssl_ import create_urllib3_context
 from six.moves.urllib.parse import urlparse
 from . import __title__, __version__
 
@@ -307,13 +308,52 @@ def get_param(self):
 """
 return dict(userName=self.username, sessionId=self.session_id, database=self.database)
-
+
 class GeotabHTTPAdapter(HTTPAdapter):
- """HTTP adapter to force use of TLS 1.2 for HTTPS connections."""
+ """HTTP adapter to force use of TLS 1.2+ for HTTPS connections."""
 def init_poolmanager(self, connections, maxsize, block=False, **pool_kwargs):
+ ctx = create_urllib3_context()
+ ctx.load_default_certs()
+
+ # disabled SSL2.0 as per:
+ # Sean Tuner, President, IECA
+ # Tim Polk, , Computer Scientist, Computer Security Division, NIST
+ # https://datatracker.ietf.org/doc/rfc6176/
+ # rfc6176
+ ctx.options |= ssl.OP_NO_SSLv2
+
+ # disabled SSL3.0 as per:
+ # Richard Barnes, (former) Security Engineering, Mozilla
+ # Martin Thomson, Distinguished Engineer, Mozilla
+ # Alfredo Pironti, Cyber Security Specialist, Secure Distributed Computing, INRIA
+ # Adam Langley, Senior Staff Software Engineer, Google
+ # rfc7568
+ # https://datatracker.ietf.org/doc/html/rfc7568
+ ctx.options |= ssl.OP_NO_SSLv3
+
+ # disabled TLSv1.0 and TLSv1.1 as per:
+ # Kathleen Moriarty, CTO, Center for Internet Security
+ # Stephen Farrell, Research Fellow, Computer Science, Trinity College Dublin
+ # RFC 8996
+ # https://datatracker.ietf.org/doc/rfc8996/
+ ctx.options |= ssl.OP_NO_TLSv1
+ ctx.options |= ssl.OP_NO_TLSv1_1
+
+ #enabled TLS1.2 + TLS1.3 as per:
+ # tbd
+ ctx.options |= ssl.PROTOCOL_TLS
+
+ #disabled ECDSA as per
+ # tbd
+ #enabled ECDHE+AESGCM as per
+ # tbd
+ ctx.set_ciphers('ECDHE+AESGCM:!ECDSA')
+
+ ctx.set_ecdh_curve('secp384r1')
+
 self.poolmanager = urllib3.poolmanager.PoolManager(
- num_pools=connections, maxsize=maxsize, block=block, ssl_version=ssl.PROTOCOL_TLSv1_2, **pool_kwargs
+ num_pools=connections, maxsize=maxsize, block=block, ssl_context=ctx, **pool_kwargs
 )
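Review bot: `ctx.options |= ssl.PROTOCOL_TLS` in init_poolmanager is a category error: PROTOCOL_TLS is the protocol-selection constant used when constructing an SSLContext, not an SSL_OP_* flag, so OR-ing it into ctx.options flips an unrelated option bit and does not "enable TLS1.2 + TLS1.3" as the comment above it claims. The OP_NO_SSLv2/SSLv3/TLSv1/TLSv1_1 lines already pin the floor at TLS 1.2, so the PROTOCOL_TLS line should simply be removed; where Python 3.7+ can be assumed, `ctx.minimum_version = ssl.TLSVersion.TLSv1_2` is the supported replacement for the whole OP_NO_* sequence, which newer ssl modules report as deprecated. `ctx.set_ecdh_curve('secp384r1')` restricts key exchange to a single group, so a server that only offers X25519 or P-256 fails the handshake instead of negotiating, and `ctx.set_ciphers('ECDHE+AESGCM:!ECDSA')` governs TLS 1.2 suites only while refusing any server presenting an ECDSA certificate; neither restriction is justified beyond the `# tbd` placeholders shipped in the comments. Either replace each `# tbd` with the actual rationale and the interoperability testing behind it, or drop the curve and cipher lines and keep only the version floor, which is what the updated docstring describes.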