diff --git a/kazoo/handlers/utils.py b/kazoo/handlers/utils.py
index bd1b92ef..fa561fe0 100644
--- a/kazoo/handlers/utils.py
+++ b/kazoo/handlers/utils.py
@@ -191,7 +191,7 @@ def create_tcp_socket(module):
 def create_tcp_connection(module, address, timeout=None,
 use_ssl=False, ca=None, certfile=None,
 keyfile=None, keyfile_password=None,
- verify_certs=True):
+ verify_certs=True, options=None, ciphers=None):
 end = None
 if timeout is None:
 # thanks to create_connection() developers for
@@ -211,8 +211,16 @@ def create_tcp_connection(module, address, timeout=None,
 if use_ssl:
 # Disallow use of SSLv2 and V3 (meaning we require TLSv1.0+)
 context = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
- context.options |= ssl.OP_NO_SSLv2
- context.options |= ssl.OP_NO_SSLv3
+
+ if options is not None:
+ context.options = options
+ else:
+ context.options |= ssl.OP_NO_SSLv2
+ context.options |= ssl.OP_NO_SSLv3
+
+ if ciphers:
+ context.set_ciphers(ciphers)
+
 # Load default CA certs
 context.load_default_certs(ssl.Purpose.SERVER_AUTH)
 context.verify_mode = (
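Review bot: In the second hunk, `context.options = options` replaces the context's option mask wholesale, so a caller-supplied value that omits `ssl.OP_NO_SSLv2`/`ssl.OP_NO_SSLv3` silently drops the floor that the comment directly above ("Disallow use of SSLv2 and V3") still promises, along with any defaults `ssl.SSLContext` set at construction. Keeping `context.options |= ssl.OP_NO_SSLv2 | ssl.OP_NO_SSLv3` unconditional and merging the caller's flags with `if options is not None: context.options |= options` would let callers tighten the context without being able to loosen it. The new `options` and `ciphers` parameters from the first hunk are undocumented in what is visible here; a short comment stating that `options` is an `ssl.OP_*` bitmask and `ciphers` an OpenSSL cipher-list string would help, and it should mention that `set_ciphers` raises `ssl.SSLError` when the string selects no cipher. The body of create_tcp_connection starts and continues outside both hunks.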