--- tlsdate-0.0.12/Makefile.am
+++ tlsdate-0.0.12-mbedtls/Makefile.am
@@ -17,7 +17,10 @@ noinst_PROGRAMS=
 
 if !TARGET_OSX
 # GNU style is "make check", this will make check and test work
-TESTS+= src/conf_unittest src/proxy-bio_unittest
+TESTS+= src/conf_unittest
+if !POLARSSL
+TESTS+= src/proxy-bio_unittest
+endif
 if TARGET_LINUX
 TESTS+= src/tlsdated_unittest
 endif
--- tlsdate-0.0.12/configure.ac
+++ tlsdate-0.0.12-mbedtls/configure.ac
@@ -86,10 +86,10 @@ SSL_LIBS="-lssl -lcrypto"
 AS_IF([test "x${OPT_POLARSSL}" != "xno"], [
   AS_IF([test -z "${POLARSSL_DIR}"], [
     dnl check for lib first without setting any new path
-    AC_CHECK_LIB(polarssl, ssl_init,
-    dnl libpolarssl found, set the variable
+    AC_CHECK_LIB(mbedtls, ssl_init,
+    dnl libmbedtls found, set the variable
      [
-       AC_DEFINE(USE_POLARSSL, 1, [if PolarSSL is enabled])
+       AC_DEFINE(USE_POLARSSL, 1, [if mbedTLS is enabled])
        AC_SUBST(USE_POLARSSL, [1])
        POLARSSL_ENABLED=1
        USE_POLARSSL="yes"
@@ -113,9 +113,9 @@ AS_IF([test "x${OPT_POLARSSL}" != "xno"]
        CPPFLAGS="$CPPFLAGS $addcflags"
     ])
 
-    AC_CHECK_LIB(polarssl, ssl_init,
+    AC_CHECK_LIB(mbedtls, ssl_init,
      [
-       AC_DEFINE(USE_POLARSSL, 1, [if PolarSSL is enabled])
+       AC_DEFINE(USE_POLARSSL, 1, [if mbedTLS is enabled])
        AC_SUBST(USE_POLARSSL, [1])
        POLARSSL_ENABLED=1
        USE_POLARSSL="yes"
@@ -125,8 +125,8 @@ AS_IF([test "x${OPT_POLARSSL}" != "xno"]
   ])
 
   AS_IF([test "x${USE_POLARSSL}" = "xyes"], [
-    AC_MSG_NOTICE([detected PolarSSL])
-    SSL_LIBS="-lpolarssl"
+    AC_MSG_NOTICE([detected mbedTLS])
+    SSL_LIBS="-lmbedtls"
 
     AS_IF([test -n "$polarssllib"], [
       dnl when shared libs were found in a path that the run-time
--- tlsdate-0.0.12/src/tlsdate-helper.c
+++ tlsdate-0.0.12-mbedtls/src/tlsdate-helper.c
@@ -94,6 +94,10 @@ know:
 #include "polarssl/entropy.h"
 #include "polarssl/ctr_drbg.h"
 #include "polarssl/ssl.h"
+#include "polarssl/version.h"
+#if (POLARSSL_VERSION_NUMBER >= 0x01030000)
+#include "polarssl/compat-1.2.h"
+#endif
 #endif
 
 static void
@@ -850,7 +854,11 @@ check_key_length (ssl_context *ssl)
   x509parse_dn_gets(buf, 1024, &certificate->subject);
   verb_debug ("V: Certificate for subject '%s'", buf);
 
+#if (POLARSSL_VERSION_NUMBER >= 0x01030000)
+  public_key = pk_rsa (certificate->pk);
+#else
   public_key = &certificate->rsa;
+#endif
   if (NULL == public_key)
   {
     die ("public key extraction failure");