diff --git a/components/micropython/CMakeLists.txt b/components/micropython/CMakeLists.txt
index 6ac89ec6011c0f25436a77562d96b085fecb0708..d6bfe8d638f24ff5d9ed5bebe15d1a57650c9aa3 100644
--- a/components/micropython/CMakeLists.txt
+++ b/components/micropython/CMakeLists.txt
@@ -107,6 +107,7 @@ set(IDF_COMPONENTS
     heap
     log
     lwip
+    mbedtls
     newlib
     nvs_flash
     sdmmc
diff --git a/components/micropython/vendor/extmod/moduhashlib.c b/components/micropython/vendor/extmod/moduhashlib.c
index 64e15c444df806b17f176a096219c71cfc5e343b..1f44d82ac8f88a0cf53442b714a18f07f8dd1eba 100644
--- a/components/micropython/vendor/extmod/moduhashlib.c
+++ b/components/micropython/vendor/extmod/moduhashlib.c
@@ -75,7 +75,7 @@ STATIC mp_obj_t uhashlib_sha256_update(mp_obj_t self_in, mp_obj_t arg);
 
 #if MICROPY_SSL_MBEDTLS
 
-#if MBEDTLS_VERSION_NUMBER < 0x02070000
+#if MBEDTLS_VERSION_NUMBER < 0x02070000 || MBEDTLS_VERSION_NUMBER >= 0x03000000
 #define mbedtls_sha256_starts_ret mbedtls_sha256_starts
 #define mbedtls_sha256_update_ret mbedtls_sha256_update
 #define mbedtls_sha256_finish_ret mbedtls_sha256_finish
@@ -203,7 +203,7 @@ STATIC mp_obj_t uhashlib_sha1_digest(mp_obj_t self_in) {
 
 #if MICROPY_SSL_MBEDTLS
 
-#if MBEDTLS_VERSION_NUMBER < 0x02070000
+#if MBEDTLS_VERSION_NUMBER < 0x02070000 || MBEDTLS_VERSION_NUMBER >= 0x03000000
 #define mbedtls_sha1_starts_ret mbedtls_sha1_starts
 #define mbedtls_sha1_update_ret mbedtls_sha1_update
 #define mbedtls_sha1_finish_ret mbedtls_sha1_finish
diff --git a/components/micropython/vendor/extmod/modussl_mbedtls.c b/components/micropython/vendor/extmod/modussl_mbedtls.c
index eea2d79532d8693e6a50af33be61f4cacf7b6f17..44c31bc4530064658895a285d7164cc0ae84ea02 100644
--- a/components/micropython/vendor/extmod/modussl_mbedtls.c
+++ b/components/micropython/vendor/extmod/modussl_mbedtls.c
@@ -225,7 +225,11 @@ STATIC mp_obj_ssl_socket_t *socket_new(mp_obj_t sock, struct ssl_args *args) {
         size_t key_len;
         const byte *key = (const byte *)mp_obj_str_get_data(args->key.u_obj, &key_len);
         // len should include terminating null
+        #if MBEDTLS_VERSION_NUMBER >= 0x03000000
+        ret = mbedtls_pk_parse_key(&o->pkey, key, key_len + 1, NULL, 0, mbedtls_ctr_drbg_random, &o->ctr_drbg);
+        #else
         ret = mbedtls_pk_parse_key(&o->pkey, key, key_len + 1, NULL, 0);
+        #endif
         if (ret != 0) {
             ret = MBEDTLS_ERR_PK_BAD_INPUT_DATA; // use general error for all key errors
             goto cleanup;
diff --git a/components/micropython/vendor/ports/esp32/mpconfigport.h b/components/micropython/vendor/ports/esp32/mpconfigport.h
index c878105e4ab6176750b3e1de761d126080693c8d..ed821bb0295763988660d911059d3715168a573a 100644
--- a/components/micropython/vendor/ports/esp32/mpconfigport.h
+++ b/components/micropython/vendor/ports/esp32/mpconfigport.h
@@ -131,7 +131,7 @@
 #define MICROPY_HW_SOFTSPI_MIN_DELAY        (0)
 #define MICROPY_HW_SOFTSPI_MAX_BAUDRATE     (ets_get_cpu_frequency() * 1000000 / 200) // roughly
 #define MICROPY_PY_USSL                     (1)
-#define MICROPY_SSL_MBEDTLS                 (0)
+#define MICROPY_SSL_MBEDTLS                 (1)
 #define MICROPY_PY_USSL_FINALISER           (1)
 #define MICROPY_PY_UWEBSOCKET               (1)
 #define MICROPY_PY_WEBREPL                  (1)