diff --git a/hetzner/reset.py b/hetzner/reset.py
index 4afc310..ab36b9e 100644
--- a/hetzner/reset.py
+++ b/hetzner/reset.py
@@ -77,7 +77,10 @@ def observed_reboot(self, patience=300, tries=None, manual=False):
         is_down = False
 
         if tries is None:
-            tries = ['soft', 'hard']
+            if 'sw' not in self.reset_types:
+                tries = ['hard']
+            else:
+                tries = ['soft', 'hard']
 
         for mode in tries:
             self.server.logger.info("Trying to reboot using the %r method.",
diff --git a/hetzner/util/http.py b/hetzner/util/http.py
index a5e6789..f04b584 100644
--- a/hetzner/util/http.py
+++ b/hetzner/util/http.py
@@ -63,8 +63,21 @@ def connect(self):
             ).encode('ascii'))
             ca_certs.flush()
             cafile = ca_certs.name
-        self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file,
-                                    cert_reqs=ssl.CERT_REQUIRED,
-                                    ca_certs=cafile)
+        #self.sock = ssl.wrap_socket(sock, self.key_file, self.cert_file,
+        #                            cert_reqs=ssl.CERT_REQUIRED,
+        #                            ca_certs=cafile)
+        context = ssl.create_default_context(cafile=cafile)
+        context.check_hostname = True
+        context.verify_mode = ssl.CERT_REQUIRED
+
+        key_file = getattr(self, 'key_file', None)
+        cert_file = getattr(self, 'cert_file', None)
+
+        if key_file and cert_file:
+            context.load_cert_chain(cert_file, key_file)
+
+        hostname = self.host
+        self.sock = context.wrap_socket(sock, server_hostname=hostname)
+
         if bundle is None:
             ca_certs.close()